High Vulnerabilities

Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info

echobh -- sharecare

Echo ShareCare 8.15.5 is susceptible to SQL injection vulnerabilities when processing remote input from both authenticated and unauthenticated users, leading to the ability to bypass authentication, exfiltrate Structured Query Language (SQL) records, and manipulate data.

2021-07-13

CVE-2021-33578

echobh -- sharecare

An issue was discovered in Echo ShareCare 8.15.5. It does not perform authentication or authorization checks when accessing a subset of sensitive resources, leading to the ability for unauthenticated users to access pages that are vulnerable to attacks such as SQL injection.

2021-07-13

MISC

espruino -- espruino

Buffer overflow vulnerability in function jsvGetStringChars in Espruino before RELEASE_2V09, allows remote attackers to execute arbitrary code.

2021-07-13

CVE-2020-22884
MISC

fortinet -- forticlient

An improper symlink following in FortiClient for Mac 6.4.3 and below may allow a non-privileged user to execute arbitrary privileged shell commands during installation phase.

2021-07-12

CVE-2021-26089
CONFIRM

fortinet -- fortimail

A missing cryptographic step in the implementation of the hash digest algorithm in FortiMail 6.4.0 through 6.4.4, and 6.2.0 through 6.2.7 may allow an unauthenticated attacker to tamper with signed URLs by appending further data which allows bypass of signature verification.

2021-07-09

CVE-2021-24020

fortinet -- fortimail

Multiple improper neutralization of special elements of SQL commands vulnerabilities in FortiMail before 6.4.4 may allow a non-authenticated attacker to execute unauthorized code or commands via specifically crafted HTTP requests.

2021-07-09

CVE-2021-24007
CONFIRM

golang -- go

golang/go in 1.0.2 fixes all.bash on shared machines. dotest() in src/pkg/debug/gosym/pclntab_test.go creates a temporary file with predictable name and executes it as shell script.

2021-07-09

CVE-2012-2666
MISC
MISC
MISC
MISC

google -- android

In phNciNfc_RecvMfResp of phNxpExtns_MifareStd.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure over NFC with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-11 Android-8.1 Android-9 Android-10. Android ID: A-181346550

2021-07-14

CVSS Score: 7.8

CVE-2021-0596
MISC

google -- android


In setNiNotification of GpsNetInitiatedHandler.java, there is a possible permissions bypass due to an empty mutable PendingIntent. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10 Android-8.1 Android-9. Android ID: A-154319182


2021-07-14 


CVE-2020-0417 
MISC 





google -- android 


In flv extractor, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android SoC. Android ID: A-187161771


2021-07-14 


CVE-2021-0577 
MISC 








google -- android 


In Factory::CreateStrictFunctionMap of factory.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution in an unprivileged process with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-9 Android-10 Android-11 Android-8.1. Android ID: A-167389063


2021-07-14 


CVE-2021-0515 
MISC 








google -- android 


In beginWrite and beginRead of MessageQueueBase.h, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-8.1 Android-9 Android-10 Android-11. Android ID: A-184963385


2021-07-14 


CVE-2021-0585 
MISC 








google -- android 


In onCreate of ConfirmConnectActivity, there is a possible remote bypass of user consent due to improper input validation. This could lead to remote (proximal, NFC) escalation of privilege allowing an attacker to deceive a user into allowing a Bluetooth connection with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-11 Android-8.1 Android-9 Android-10. Android ID: A-176445224


2021-07-14 


CVE-2021-0594 
MISC 








google -- android 


In StreamOut::prepareForWriting of StreamOut.cpp, there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-8.1 Android-9 Android-10 Android-11. Android ID: A-185259758


2021-07-14 


CVE-2021-0587 
MISC 








google -- android 


In BTM_TryAllocateSCN of btm_scn.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-11 Android-8.1 Android-9 Android-10. Android ID: A-180939982


2021-07-14 


CVE-2021-0589 
MISC 








google -- android 


In various functions in WideVine, there are possible out of bounds writes due to improper input validation. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android SoC. Android ID: A-188061006


2021-07-14 


CVE-2021-0592 
MISC 








google -- android 


In several functions of the V8 library, there is a possible use after free due to a race condition. This could lead to remote code execution in an unprivileged process with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10 Android-9 Android-11 Android-8.1. Android ID: A-162604069


2021-07-14 


CVE-2021-0514 
MISC 








google -- android 


In onCreateOptionsMenu of WifiNetworkDetailsFragment.java, there is a possible way for guest users to view and modify Wi-Fi settings for all configured APs due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10 Android-11. Android ID: A-177573895


2021-07-14 


CVE-2021-0602 
MISC 








halo -- halo 


Remote Code Execution vulnerability in Halo 0.4.3 via the remoteAddr and themeName parameters.


2021-07-12 


CVE-2020-18980 
MISC 








jsish -- jsish


Integer overflow vulnerability in function Jsi_ObjSetLength in jsish before 3.0.6, allows remote attackers to execute arbitrary code.


2021-07-13 


CVE-2020-22875 
MISC 
MISC 








jsish -- jsish

Integer overflow vulnerability in function Jsi_ObjArraySizer in jsish before 3.0.8, allows remote attackers to execute arbitrary code.

2021-07-13

CVE-2020-22874
MISC
MISC

jsish -- jsish

NumberToPrecisionCmd in jsish before 3.0.7, allows remote attackers to execute arbitrary code.

2021-07-13

CVSS Score: 7.5

kaseya -- vsa

Kaseya VSA before 9.5.5 allows remote code execution.

2021-07-09

kramerav -- viaware

KramerAV VIAWare, all tested versions, allow privilege escalation through misconfiguration of sudo. Sudoers permits running of multiple dangerous commands, including unzip, systemctl and dpkg.

2021-07-12

CVSS Score: 7.5

CVE-2021-35064
MISC








linux -- linux_kernel 


An out-of-bounds memory write flaw was found in the Linux 
kernel's joystick devices subsystem in versions before 5.9-rc1, 
in the way the user calls ioctl JSIOCSBTNMAP. This flaw 
allows a local user to crash the system or possibly escalate 
their privileges on the system. The highest threat from this 
vulnerability is to confidentiality, integrity, as well as system 
availability. 


2021-07-09 


CVE-2021-3612 
MISC 
MISC 





linuxptp_project -- linuxptp


A flaw was found in the ptp4l program of the linuxptp package. A missing length check when forwarding a PTP message between ports allows a remote attacker to cause an information leak, crash, or potentially remote code execution. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. This flaw affects linuxptp versions before 3.1.1, before 2.0.1, before 1.9.3, before 1.8.1, before 1.7.1, before 1.6.1 and before 1.5.1.


2021-07-09 


CVE-2021-3570 
MISC 

DEBIAN 
FEDORA 
FEDORA 





metinfo -- metinfo

SQL Injection vulnerability in Metinfo 7.0.0beta in index.php.

2021-07-12

CVE-2020-21132
MISC
MISC

metinfo -- metinfo

SQL Injection vulnerability in Metinfo 7.0.0 beta in member/getpassword.php?lang=cn&a=dovalid.

2021-07-12

CVSS Score: 7.5

CVE-2020-21133
MISC
MISC





microsoft -- exchange_server 


Microsoft Exchange Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2021-31196, CVE-2021-34473.


2021-07-14 


CVE-2021-31206 


MISC 








microsoft -- windows_10

Windows Kernel Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2021-31979, CVE-2021-34514.

CVE-2021-33771
MISC

microsoft -- windows_10

Windows Security Account Manager Remote Protocol Security Feature Bypass Vulnerability

CVE-2021-33757
MISC

microsoft -- windows_10

Windows Secure Kernel Mode Security Feature Bypass Vulnerability

2021-07-14

CVSS Score: 7.2

CVE-2021-33744
MISC

microsoft -- windows_10

Windows Kernel Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2021-33771, CVE-2021-34514.

CVE-2021-31979
MISC

microsoft -- windows_10

Windows Media Remote Code Execution Vulnerability

2021-07-14

CVSS Score: 9.3

nextcloud -- nextcloud_server

Nextcloud Server is a Nextcloud package that handles data storage. Nextcloud Server supports application specific tokens for authentication purposes. These tokens are supposed to be granted to specific applications (e.g. DAV sync clients), and can also be configured by the user to not have any filesystem access. Due to a lacking permission check, the tokens were able to change their own permissions in versions prior to 19.0.13, 20.0.11, and 21.0.3. Thus filesystem-limited tokens were able to grant themselves access to the filesystem. The issue is patched in versions 19.0.13, 20.0.11, and 21.0.3. There are no known workarounds aside from upgrading.

2021-07-12

CONFIRM
MISC

nextcloud -- nextcloud_server

Nextcloud Server is a Nextcloud package that handles data storage. In versions prior to 19.0.13, 20.0.11, and 21.0.3, webauthn tokens were not deleted after a user has been deleted. If a victim reused an earlier used username, the previous user could gain access to their account. The issue was fixed in versions 19.0.13, 20.0.11, and 21.0.3. There are no known workarounds.

2021-07-12

MISC
CONFIRM

ninjateam -- filebird

The Filebird Plugin 4.7.3 introduced a SQL injection vulnerability as it is making SQL queries without escaping user input data from a HTTP post request. This is a major vulnerability as the user input is not escaped and passed directly to the get_col function and it allows SQL injection. The Rest API endpoint which invokes this function also does not have any required permissions/authentication and can be accessed by an anonymous user.

2021-07-12

CVSS Score: 7.5

MISC

putil-merge_project -- putil-merge

Prototype pollution vulnerability in 'putil-merge' versions 1.0.0 through 3.6.6 allows attacker to cause a denial of service and may lead to remote code execution.

2021-07-14

CVE-2021-25953
MISC

python -- pillow

Pillow through 8.2.0 and PIL (aka Python Imaging Library) through 1.1.7 allow an attacker to pass controlled parameters directly into a convert function to trigger a buffer overflow in Convert.c.

2021-07-13

CVE-2021-34552
MISC
MISC

qualcomm

Buffer overflow in modem due to improper array index check before copying into it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables

CVSS Score: 10

CVE-2020-11307
CONFIRM

qualcomm -- apq8017_firmware

Improper length check of public exponent in RSA import key function could cause memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables

2021-07-13

CVE-2021-1890
CONFIRM

qualcomm

Incorrect handling of pointers in trusted application key import mechanism could cause memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables

CVE-2021-1886
CONFIRM

qualcomm -- apq8017_firmware

Possible buffer overflow due to lack of length check in Trusted Application in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables

2021-07-13

CVE-2021-1889
CONFIRM

qualcomm -- apq8017_firmware

Memory corruption in key parsing and import function due to double freeing the same heap allocation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables

2021-07-13

CVE-2021-1888
CONFIRM

qualcomm -- aqt1000_firmware

Possible buffer overflow due to improper validation of buffer length while processing fast boot commands in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music

2021-07-13

CVE-2021-1931
CONFIRM

qualcomm -- aqt1000_firmware

Use after free can occur due to improper handling of response from firmware in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

2021-07-13

CVE-2021-1940
CONFIRM

qualcomm -- aqt1000_firmware

Possible buffer overflow due to lack of parameter length check during MBSSID scan IE parse in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking

CVSS Score: 10

CVE-2021-1965
CONFIRM

sap -- netweaver_as_abap

A function module of SAP NetWeaver AS ABAP (Reconciliation Framework), versions - 700, 701, 702, 710, 711, 730, 731, 740, 750, 751, 752, 75A, 75B, 75B, 75C, 75D, 75E, 75F, allows a high privileged attacker to inject code that can be executed by the application. An attacker could thereby delete some critical information and could make the SAP system completely unavailable.

2021-07-14

CVE-2021-33678
MISC
MISC

solarwinds -- dameware_mini_remote_control

In SolarWinds DameWare Mini Remote Control Server 12.0.1.200, insecure file permissions allow file deletion as SYSTEM.

2021-07-13

CVSS Score: 9.4

CVE-2021-31217
MISC
MISC

totaljs -- total.js

The package total.js before 3.4.9 are vulnerable to Arbitrary Code Execution via the U.set() and U.get() functions.

CVE-2021-23389
MISC
MISC
MISC

totaljs -- total4

The package total4 before 0.0.43 are vulnerable to Arbitrary Code Execution via the U.set() and U.get() functions.

CVE-2021-23390
MISC
MISC
MISC

wms_project -- wms

SQL Injection in WMS v1.0 allows remote attackers to execute arbitrary code via the "username" parameter in the component "chkuser.php".

2021-07-12

CVE-2020-18544

wpdevart -- poll\,_survey\,_questionnaire_and_voting_system

The Poll, Survey, Questionnaire and Voting system WordPress plugin before 1.5.3 did not sanitise, escape or validate the date_answers[] POST parameter before using it in a SQL statement when sending a Poll result, allowing unauthenticated users to perform SQL Injection attacks

2021-07-12

CVE-2021-24442
CONFIRM
MISC

Medium Vulnerabilities 

Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info





apache -- ant 


When reading a specially crafted TAR archive an Apache Ant 
build can be made to allocate large amounts of memory that 
finally leads to an out of memory error, even for small inputs. 
This can be used to disrupt builds using Apache Ant. Apache 
Ant prior to 1.9.16 and 1.10.11 were affected. 


2021-07-14 


CVE-2021-36373 


MISC 
MISC 
MLIST 
MLIST 
MLIST 





apache -- ant 


When reading a specially crafted ZIP archive, or a derived formats, an Apache Ant build can be made to allocate large amounts of memory that leads to an out of memory error, even for small inputs. This can be used to disrupt builds using Apache Ant. Commonly used derived formats from ZIP archives are for instance JAR files and many office files. Apache Ant prior to 1.9.16 and 1.10.11 were affected.


2021-07-14 


CVE-2021-36374 


MISC 
MISC 
MLIST 
MLIST 
MLIST 








apache -- tomcat 


Apache Tomcat 10.0.0-M1 to 10.0.6, 9.0.0.M1 to 9.0.46 and 8.5.0 to 8.5.66 did not correctly parse the HTTP transfer-encoding request header in some circumstances leading to the possibility to request smuggling when used with a reverse proxy. Specifically:
- Tomcat incorrectly ignored the transfer encoding header if the client declared it would only accept an HTTP/1.0 response;
- Tomcat honoured the identity encoding; and
- Tomcat did not ensure that, if present, the chunked encoding was the final encoding.


2021-07-12 




CVE-2021-33037 
MISC 








apache -- tomcat 


A vulnerability in Apache Tomcat allows an attacker to remotely 
trigger a denial of service. An error introduced as part of a 
change to improve error handling during non-blocking I/O 
meant that the error flag associated with the Request object 
was not reset between requests. This meant that once a non- 
blocking I/O error occurred, all future requests handled by that 
request object would fail. Users were able to trigger non- 
blocking I/O errors, e.g. by dropping a connection, thereby 
creating the possibility of triggering a DoS. Applications that do 
not use non-blocking I/O are not exposed to this vulnerability. 
This issue affects Apache Tomcat 10.0.3 to 10.0.4; 9.0.44; 
8.5.64. 


2021-07-12 


CVE-2021-30639 
MISC 

MLIST 

MLIST 








artifex -- mujs 


Buffer overflow vulnerability in function jsG_markobject in jsgc.c in mujs before 1.0.8, allows remote attackers to cause a denial of service.


2021-07-13 




CVE-2020-22886 
MISC 





artifex -- mujs

Buffer overflow vulnerability in mujs before 1.0.8 due to recursion in the GC scanning phase, allows remote attackers to cause a denial of service.

2021-07-13

CVE-2020-22885
MISC

autodesk -- design_review

A maliciously crafted PDF, PICT or TIFF file can be used to write beyond the allocated buffer while parsing PDF, PICT or TIFF files in Autodesk 2018, 2017, 2013, 2012, 2011. This vulnerability can be exploited to execute arbitrary code.

2021-07-09

CVE-2021-27036
MISC

autodesk -- design_review

A maliciously crafted TIFF file in Autodesk 2018, 2017, 2013, 2012, 2011 can be forced to read and write beyond allocated boundaries when parsing the TIFF file. This vulnerability can be exploited to execute arbitrary code.

CVSS Score: 6.8

CVE-2021-27039
MISC

autodesk -- design_review

A Type Confusion vulnerability in Autodesk 2018, 2017, 2013, 2012, 2011 can occur when processing a maliciously crafted PDF file. An attacker can leverage this to execute arbitrary code.

CVSS Score: 6.8

CVE-2021-27038
MISC

autodesk -- design_review

A maliciously crafted PNG, PDF or DWF file in Autodesk 2018, 2017, 2013, 2012, 2011 can be used to attempt to free an object that has already been freed while parsing them. This vulnerability can be exploited by remote attackers to execute arbitrary code.

2021-07-09

CVSS Score: 6.8

CVE-2021-27037
MISC

autodesk -- design_review

A heap-based buffer overflow could occur while parsing PICT or TIFF files in Autodesk 2018, 2017, 2013, 2012, 2011. This

2021-07-09

CVE-2021-27034
MISC








autodesk -- design_review 


A maliciously crafted TIFF, PDF, PICT or DWF files in Autodesk 
2018, 2017, 2013, 2012, 2011 can be forced to read beyond 
allocated boundaries when parsing the TIFF, PDF, PICT or 
DWF files. This vulnerability can be exploited to execute 
arbitrary code. 


2021-07-09 


CVE-2021-27035 
MISC 





axiosys -- bento4 


A buffer overflow vulnerability in Ap4ElstAtom.cpp of Bento 1.5.1-628 leads to a denial of service (DOS).


2021-07-13 


CVE-2020-19719 
MISC 





axiosys -- bento4 


An unhandled memory allocation failure in Core/Ap4Atom.cpp of Bento 1.5.1-628 causes a direct copy to NULL pointer dereference, leading to a denial of service (DOS).


2021-07-13 


CVE-2020-19722 
MISC 








axiosys -- bento4 


An unhandled memory allocation failure in 
Core/AP4IkmsAtom.cpp of Bento 1.5.1-628 causes a NULL 
pointer dereference, leading to a denial of service (DOS). 


2021-07-13 


CVE-2020-19720 
MISC 





axiosys -- bento4

An unhandled memory allocation failure in Core/Ap4Atom.cpp of Bento 1.5.1-628 causes a NULL pointer dereference, leading to a denial of service (DOS).

2021-07-13

CVSS Score: 4.3

CVE-2020-19718
MISC

axiosys -- bento4

An unhandled memory allocation failure in Core/Ap48bdlAtom.cpp of Bento 1.5.1-628 causes a NULL pointer dereference, leading to a denial of service (DOS).

2021-07-13

CVSS Score: 4.3

axiosys -- bento4

A heap buffer overflow vulnerability in Ap4TrunAtom.cpp of Bento 1.5.1-628 may lead to an out-of-bounds write while running mp42aac, leading to system crashes and a denial of service (DOS).

CVSS Score: 4.3

CVE-2020-19721
MISC

baidu -- umeditor

Cross Site Scripting (XSS) vulnerability in umeditor v1.2.3 via /public/common/umeditor/php/getcontent.php.

CVSS Score: 4.3

CVE-2020-18145
MISC

bookingcore -- booking_core

The "Subscribe" feature in Ultimate Booking System Booking Core 1.7.0 is vulnerable to CSV formula injection. The input containing the excel formula is not being sanitized by the application. As a result when admin in backend download and open the csv, content of the cells are executed.

2021-07-14

CVSS Score: 6.8

MISC





bookingcore -- booking_core 


Cross Site Request Forgery (CSRF) vulnerability in Booking Core - Ultimate Booking System Booking Core 1.7.0. The CSRF token is not being validated when the request is sent as a GET method. This results in an unauthorized change in the user's email ID, which can later be used to reset the password. The new password will be sent to a modified email ID.


2021-07-14 


CVE-2020-27379 
MISC 








brave -- brave 


In Brave Desktop between versions 1.17 and 1.26.60, when 
adblocking is enabled and a proxy browser extension is 
installed, the CNAME adblocking feature issues DNS requests 
that used the system DNS settings instead of the extension's 
proxy settings, resulting in possible information disclosure. 


2021-07-12 


CVE-2021-22916 
MISC 








brave -- browser 


Brave Browser Desktop between versions 1.17 and 1.20 is 
vulnerable to information disclosure by way of DNS requests in 
Tor windows not flowing through Tor if adblocking was enabled. 


2021-07-12 


CVE-2021-22917 
MISC 








codeblab -- glass 


The Glass WordPress plugin through 1.3.2 does not sanitise or 
escape its "Glass Pages" setting before outputting in a page, 
leading to a Stored Cross-Site Scripting issue. Furthermore, the 
plugin did not have CSRF check in place when saving its 
settings, allowing the issue to be exploited via a CSRF attack. 


2021-07-12 


CVE-2021-24434 
CONFIRM 








dell -- emc_unity_operating_environment


Dell EMC Unity, Unity XT, and UnityVSA versions prior to 
5.1.0.0.5.394 contain a plain-text password storage 
vulnerability. A local malicious user with high privileges may 
use the exposed password to gain access with the privileges of 
the compromised user. 


2021-07-12 


CVE-2021-21590 
MISC 








dell -- emc_unity_operating_environment


Dell EMC Unity, Unity XT, and UnityVSA versions prior to 
5.1.0.0.5.394 do not exit on failed Initialization. A local 
authenticated Service user could potentially exploit this 
vulnerability to escalate privileges. 


2021-07-12 


CVE-2021-21589 
MISC 








dell -- emc_unity_operating_environment








Dell EMC Unity, Unity XT, and UnityVSA versions prior to 
5.1.0.0.5.394 contain a plain-text password storage 
vulnerability. A local malicious user with high privileges may 
use the exposed password to gain access with the privileges of 
the compromised user. 











2021-07-12 








CVE-2021-21591 
MISC 
dell -- powerflex_presentation_server

Dell EMC PowerFlex, v3.5.x contain a Cross-Site WebSocket Hijacking Vulnerability in the Presentation Server/WebUI. An unauthenticated attacker could potentially exploit this vulnerability by tricking the user into performing unwanted actions on the Presentation Server, which may lead to configuration changes.

2021-07-12

CVSS Score: 4.3

CVE-2021-21588
MISC





delta_project -- delta 


dandavison delta before 0.8.3 on Windows resolves an 
executable's pathname as a relative path from the current 
directory. 


2021-07-13 


CVE-2021-36376 


CONFIRM 
MISC 
MISC 





devolutions -- devolutions_server 


Devolutions Server before 2021.1.18, and LTS before 
2020.3.20, allows attackers to intercept private keys via a man- 
in-the-middle attack against the connections/partial endpoint 
(which accepts cleartext). 


2021-07-12 


CVE-2021-36382 
MISC 





echobh -- sharecare 


An issue was discovered in Echo ShareCare 8.15.5. The 
TextReader feature in General/TextReader/TextReader.cfm is 
susceptible to a local file inclusion vulnerability when 
processing remote input in the textFile parameter from an 
authenticated user, leading to the ability to read arbitrary files 
on the server filesystems as well any files accessible via 
Universal Naming Convention (UNC) paths. 


2021-07-13 


CVE-2021-36123 
MISC 








echobh -- sharecare 


An issue was discovered in Echo ShareCare 8.15.5. The 
UnzipFile feature in 
Access/EligFeedParse_Sup/UnzipFile_Upd.cfm is susceptible 
to a command argument injection vulnerability when processing 
remote input in the zippass parameter from an authenticated 
user, leading to the ability to inject arbitrary arguments to 
7Z.exe. 


2021-07-13 


CVE-2021-36122 
MISC 














echobh -- sharecare 


An issue was discovered in Echo ShareCare 8.15.5. The file-upload feature in Access/DownloadFeed_Mnt/FileUpload_Upd.cfm is susceptible to an unrestricted upload vulnerability via the name1 parameter, when processing remote input from an authenticated user, leading to the ability for arbitrary files to be written to arbitrary filesystem locations via ../ Directory Traversal on the Z: drive (a hard-coded drive letter where ShareCare application files reside) and remote code execution as the ShareCare service user (NT AUTHORITY\SYSTEM).


2021-07-13 


CVE-2021-36121 
MISC 








edgexfoundry -- edgex_foundry 


EdgeX Foundry is an open source project for building a 
common open framework for internet-of-things edge 
computing. A vulnerability exists in the Edinburgh, Fuji, 
Geneva, and Hanoi versions of the software. When the Edgex 
API gateway is configured for OAuth2 authentication and a 
proxy user is created, the client_id and client_secret required to 
obtain an OAuth2 authentication token are set to the username 
of the proxy user. A remote network attacker can then perform 
a dictionary-based password attack on the OAuth2 token 
endpoint of the API gateway to obtain an OAuth2 
authentication token and use that token to make authenticated 
calls to EdgeX microservices from an untrusted network. 
OAuth2 is the default authentication method in EdgeX 
Edinburgh release. The default authentication method was 
changed to JWT in Fuji and later releases. Users should 
upgrade to the EdgeX Ireland release to obtain the fix. The 
OAuth2 authentication method is disabled in Ireland release. If 
unable to upgrade and OAuth2 authentication is required, 
users should create OAuth2 users directly using the Kong 
admin API and forgo the use of the ‘security-proxy-setup’ tool 
to create OAuth2 users. 


2021-07-09 


CVE-2021-32753 
MISC 
CONFIRM 








edifecs -- transaction_management


In Edifecs Transaction Management through 2021-07-12, an 
unauthenticated user can inject arbitrary text into a user's 
browser via logon.jsp?logon_error= on the login screen of the 
Web application. 


2021-07-12 




CVE-2021-36381 
MISC 
MISC 








element-it -- http_commander 


A Directory Traversal vulnerability in the Unzip feature in 
Elements-IT HTTP Commander 5.3.3 allows remote 
authenticated users to write files to arbitrary directories via 
relative paths in ZIP archives. 


2021-07-14 


CVE-2021-33211 
MISC 
MISC 








element-it -- http_commander

An SSRF vulnerability in the "Upload from URL" feature in Elements-IT HTTP Commander 5.3.3 allows remote authenticated users to retrieve HTTP and FTP files from the internal server network by inserting an internal address.

2021-07-14

CVE-2021-33213
MISC
MISC

esri -- arcgis_server


A stored Cross Site Scripting (XSS) vulnerability in ArcGIS Server Manager version 10.8.1 and below may allow a remote unauthenticated attacker to pass and store malicious strings in the ArcGIS Server Manager application.


2021-07-10 


CVE-2021-29107 
CONFIRM 





esri -- arcgis_server 


A reflected Cross Site Scripting (XSS) vulnerability in Esri 
ArcGIS Server version 10.8.1 and below may allow a remote 
attacker able to convince a user to click on a crafted link which 
could potentially execute arbitrary JavaScript code in the user’s 
browser. 


2021-07-10 


CVE-2021-29106 
CONFIRM 








esri -- arcgis_server

A Server-Side Request Forgery (SSRF) vulnerability in ArcGIS Server Manager version 10.8.1 and below may allow a remote, unauthenticated attacker to forge GET requests to arbitrary URLs from the system, potentially leading to network enumeration or facilitating other attacks.

2021-07-11

CVSS Score: 6.4

CVE-2021-29102
CONFIRM

esri -- arcgis_server

A stored Cross Site Scripting (XSS) vulnerability in ArcGIS Server Manager version 10.8.1 and below may allow a remote unauthenticated attacker to pass and store malicious strings in the ArcGIS Server Manager application.

CVSS Score: 4.3

CVE-2021-29104
CONFIRM

esri -- arcgis_server

A reflected Cross Site Scripting (XSS) vulnerability in ArcGIS Server version 10.8.1 and below may allow a remote attacker able to convince a user to click on a crafted link which could potentially execute arbitrary JavaScript code in the user’s browser.

2021-07-11

CVSS Score: 4.3

CVE-2021-29103
CONFIRM

eventespresso -- event_espresso

A cross-site scripting (XSS) vulnerability in wp-content/plugins/event-espresso-core-reg/admin_pages/messages/templates/ee_msg_admin_overview.template.php in the Event Espresso Core plugin before 4.10.7.p for WordPress allows remote attackers to inject arbitrary web script or HTML via the page parameter.

CVSS Score: 4.3

MISC
MISC

exiv2 -- exiv2

A buffer overflow vulnerability in the Databuf function in types.cpp of Exiv2 v0.27.1 leads to a denial of service (DOS).

CVSS Score: 4.3

CVE-2020-19716
MISC

exiv2 -- exiv2

An integer overflow vulnerability in the getUShort function of Exiv2 0.27.1 results in segmentation faults within the application, leading to a denial of service (DOS).

2021-07-13

MISC





fetchdesigns -- sign-up_sheets


The Sign-up Sheets WordPress plugin before 1.0.14 does not
sanitise or validate the Sheet title when generating the CSV
to export, which could lead to a CSV injection issue.


2021-07-12 


CVE-2021-24441 


CONFIRM 








fortinet -- fortiap 


An improper neutralization of special elements used in an OS 
Command vulnerability in FortiAP's console 6.4.1 through 6.4.5 
and 6.2.4 through 6.2.5 may allow an authenticated attacker to 
execute unauthorized commands by running the kdbg CLI 
command with specifically crafted arguments. 


2021-07-09 


CVE-2021-26106 
CONFIRM 





fortinet -- fortimail 


A missing release of memory after its effective lifetime 
vulnerability in the Webmail of FortiMail 6.4.0 through 6.4.4 and 
6.2.0 through 6.2.6 may allow an unauthenticated remote 
attacker to exhaust available memory via specifically crafted 
login requests. 


2021-07-12 


CVE-2021-26090 
CONFIRM 








fortinet -- fortimail 


An improper neutralization of special elements used in an OS 
Command vulnerability in the administrative interface of 
FortiMail before 6.4.4 may allow an authenticated attacker to 
execute unauthorized commands via specifically crafted HTTP 
requests. 


2021-07-12 


CVE-2021-24015 
CONFIRM 





fortinet -- fortimail 


A missing cryptographic step in the Identity-Based Encryption
service of FortiMail before 7.0.0 may allow an unauthenticated
attacker who intercepts the encrypted messages to manipulate 
them in such a way that makes the tampering and the recovery 
of the plaintexts possible. 


2021-07-09 


CVE-2021-26100 
CONFIRM 








fortinet -- fortimail 


Multiple Path traversal vulnerabilities in the Webmail of 
FortiMail before 6.4.4 may allow a regular user to obtain 
unauthorized access to files and data via specifically crafted 
web requests. 


2021-07-12 




CVE-2021-24013 
CONFIRM 








fortinet -- fortimail 











Missing cryptographic steps in the Identity-Based Encryption 
service of FortiMail before 7.0.0 may allow an attacker who 
comes in possession of the encrypted master keys to 
compromise their confidentiality by observing a few invariant 
properties of the ciphertext. 








2021-07-12 











CVE-2021-26099 
CONFIRM 
fortinet -- fortimail

Multiple instances of incorrect calculation of buffer size in the Webmail and Administrative interface of FortiMail before 6.4.5 may allow an authenticated attacker with regular webmail access to trigger a buffer overflow and to possibly execute unauthorized code or commands via specifically crafted HTTP requests.

2021-07-09

CVE-2021-22129
CONFIRM





fortinet -- fortisandbox 


A concurrent execution using shared resource with improper
synchronization (‘race condition’) in the command shell of
FortiSandbox before 3.2.2 may allow an authenticated attacker 
to bring the system into an unresponsive state via specifically 
orchestrated sequences of commands. 


2021-07-09 


CVE-2020-29014 
CONFIRM 








foxitsoftware -- foxit_reader 


Foxit Reader before 10.1.4 and PhantomPDF before 10.1.4 
produce incorrect PDF document signatures because the 
certificate name, document owner, and signature author are 
mishandled. 


2021-07-09 


CVE-2021-33795 
MISC 








foxitsoftware -- foxit_reader 


Foxit Reader before 10.1.4 and PhantomPDF before 10.1.4 
have an out-of-bounds write via a crafted /Size key in the 
Trailer dictionary. 


2021-07-09 


CVE-2021-33792 
MISC 





getambassador -- emissary-ingress


Emissary-Ingress (formerly Ambassador API Gateway) through
1.13.9 allows attackers to bypass client certificate requirements
(i.e., mTLS cert_required) on backend upstreams when more 
than one TLSContext is defined and at least one configuration 
exists that does not require client certificate authentication. The 
attacker must send an SNI specifying an unprotected backend 
and an HTTP Host header specifying a protected backend. (2.x 
versions are unaffected. 1.x versions are unaffected with 
certain configuration settings involving 
prune_unreachable_routes and a wildcard Host resource.) 


2021-07-09 


CVE-2021-36371 
MISC 
MISC 








google -- android 


In handleSendStatusChangeBroadcast of 
WifiDisplayAdapter.java, there is a possible leak of location- 
sensitive data due to a missing permission check. This could 
lead to local information disclosure with no additional execution 
privileges needed. User interaction is not needed for 
exploitation. Product: Android. Versions: Android-11. Android ID:
A-176541017


2021-07-14 


CVE-2021-0518 
MISC 





google -- android 


In onCreate of DevicePickerFragment.java, there is a possible
way to trick the user to select an unwanted bluetooth device
due to a tapjacking/overlay attack. This could lead to local
escalation of privilege with no additional execution privileges
needed. User interaction is needed for exploitation. Product:
Android. Versions: Android-11 Android-8.1 Android-9 Android-10.
Android ID: A-182584940


2021-07-14 


CVE-2021-0586 
MISC 








google -- android 


In processInboundMessage of MceStateMachine.java, there is 
a possible SMS disclosure due to a missing permission check. 
This could lead to local information disclosure with no 
additional execution privileges needed. User interaction is not 
needed for exploitation. Product: Android. Versions: Android-8.1
Android-9. Android ID: A-177238342


2021-07-14 


CVE-2021-0588 
MISC 








google -- android 


In onCreate of PermissionActivity.java, there is a possible 
permission bypass due to Confusing UI. This could lead to local 
escalation of privilege with no additional execution privileges 
needed. User interaction is needed for exploitation. Product:
Android. Versions: Android-11. Android ID: A-174495520


2021-07-14 


CVE-2021-0441 
MISC 





google -- android 


In onCreate of DeviceAdminAdd.java, there is a possible way
to mislead a user to activate a device admin app due to
improper input validation. This could lead to local escalation of
privilege with no additional execution privileges needed. User
interaction is needed for exploitation. Product: Android. Versions:
Android-8.1 Android-9 Android-10 Android-11. Android ID:
A-179042963


2021-07-14 


CVE-2021-0600 
MISC 










google -- android 











In encodeFrames of avc_enc_fuzzer.cpp, there is a possible 
out of bounds write due to a double free. This could lead to 
local information disclosure with no additional execution 
privileges needed. User interaction is not needed for 
exploitation. Product: Android. Versions: Android-10 Android-11
Android-8.1 Android-9. Android ID: A-180643802








2021-07-14 











CVE-2021-0601 
MISC 
google -- android

In onCreate of ContactSelectionActivity.java, there is a possible way to get access to contacts without permission due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-11. Android ID: A-182809425

2021-07-14

CVE-2021-0603
MISC





google -- android 


In sendNetworkConditionsBroadcast of NetworkMonitor.java,
there is a possible way for a privileged app to receive WiFi
BSSID and SSID without location permissions due to a missing
permission check. This could lead to local information
disclosure with System execution privileges needed. User
interaction is not needed for exploitation. Product: Android.
Versions: Android-10 Android-11 Android-8.1 Android-9.
Android ID: A-175213041


2021-07-14 


CVE-2021-0590 
MISC 








google -- android 


In onPackageAddedinternal of 
PermissionManagerService.java, there is possible access to 
external storage due to a permissions bypass. This could lead 
to local escalation of privilege with User execution privileges 
needed. User interaction is not needed for exploitation. Product:
Android. Versions: Android-10 Android-11. Android ID:
A-171430330


2021-07-14 


CVE-2021-0486 
MISC 





google -- android 


In scheduleTimeoutLocked of NotificationRecord.java, there is
a possible disclosure of a sensitive identifier via broadcasted
intent due to a confused deputy. This could lead to local
information disclosure with no additional execution privileges
needed. User interaction is not needed for exploitation. Product:
Android. Versions: Android-9 Android-10 Android-11 Android-8.1.
Android ID: A-175614289


2021-07-14 


CVE-2021-0599 
MISC 








google -- android

In notifyProfileAdded and notifyProfileRemoved of SipService.java, there is a possible way to retrieve SIP account names due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-8.1 Android-9 Android-10 Android-11. Android ID: A-176496502

2021-07-14

4.9

CVE-2021-0597
MISC


halo -- halo

File Deletion vulnerability in Halo 0.4.3 via delBackup.

2021-07-12

6.4


halo -- halo

Incorrect Access Control vulnerability in Halo 0.4.3, which allows a malicious user to bypass encryption to view encrypted articles via cookies.

2021-07-12

5


halo -- halo

Cross Site Scripting (XSS) vulnerability in Halo 0.4.3 via the X-forwarded-for Header parameter.

4.3

CVE-2020-18979
MISC


halo -- halo

SSRF vulnerability in Halo <=1.3.2 exists in the SMTP configuration, which can detect the server intranet.

5

CVE-2020-23079
MISC


hms-networks -- ecatcher

In HMS Ewon eCatcher through 6.6.4, weak filesystem permissions could allow malicious users to access files that could lead to sensitive information disclosure, modification of configuration files, or disruption of normal system operation.

2021-07-09

MISC


DaviewIndy v8.98.7.0 and earlier versions have an integer overflow vulnerability, triggered when the user opens a malformed format file that is mishandled by DaviewIndy. Attackers could exploit this to achieve arbitrary code execution.

2021-07-12

6.8

CVE-2020-7872
MISC


huawei -- harmonyos

A component of the HarmonyOS 2.0 has a Null Pointer Dereference Vulnerability. Local attackers may exploit this vulnerability to cause system denial of service.

2021-07-14

4.9

CVE-2021-22318
MISC


ibm -- cloud_pak_for_applications

IBM Cloud Pak for Applications 4.3 could allow an authenticated user to gain escalated privileges due to improper application permissions. IBM X-Force ID: 196308.

2021-07-13

6.5

CVE-2021-20423
CONFIRM


ibm -- cloud_pak_for_applications

IBM Cloud Pak for Applications 4.3 could disclose sensitive information to a malicious attacker by accessing data stored in memory. IBM X-Force ID: 196304.

2021-07-13

CVE-2021-20422
CONFIRM
XF





ibm -- cloud_pak_for_applications 


IBM Cloud Pak for Applications 4.3 uses weaker than expected
cryptographic algorithms that could allow an attacker to decrypt
highly sensitive information. IBM X-Force ID: 195361. 


2021-07-13 


CVE-2021-20369 


CONFIRM 
XF








ibm -- cloud_pak_for_applications

IBM Cloud Pak for Applications 4.3 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 195031.

CONFIRM


ibm -- cloud_pak_for_applications

IBM Cloud Pak for Applications 4.3 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. X-Force ID: 196309.

2021-07-13

CVE-2021-20424
XF
CONFIRM








ibm -- event_streams 


IBM Event Streams 10.0, 10.1, 10.2, and 10.3 could allow a 
user the CA private key to create their own certificates and 
deploy them in the cluster and gain privileges of another user. 
IBM X-Force ID: 203450. 


2021-07-12 


CVE-2021-29792 
CONFIRM 
XF








ibm -- guardium_data_encryption 


IBM Guardium Data Encryption (GDE) 3.0.0.2 could allow a 
user to brute force sensitive information due to not properly
limiting the number of interactions. IBM X-Force ID: 196216. 


2021-07-12 


CVE-2021-20414 
CONFIRM 
XF





ibm -- infosphere_information_server


IBM InfoSphere Information Server 11.7 is vulnerable to cross-site
scripting. This vulnerability allows users to embed arbitrary
JavaScript code in the Web UI thus altering the intended
functionality potentially leading to credentials disclosure within
a trusted session. IBM X-Force ID: 200966.


2021-07-09 


CVE-2021-29712 
CONFIRM 
XF








ibm -- infosphere_information_server


IBM InfoSphere Information Server 11.7 is vulnerable to SQL 
injection. A remote attacker could send specially crafted SQL 
statements, which could allow the attacker to view, add, modify 
or delete information in the back-end database. IBM X-Force 
ID: 201164. 


2021-07-09 


CVE-2021-29730 
XF
CONFIRM 





ibm -- mq_appliance 


IBM MQ Appliance 9.1 and 9.2 is vulnerable to cross-site
request forgery which could allow an attacker to execute
malicious and unauthorized actions transmitted from a user that 
the website trusts. IBM X-Force ID: 191815. 


2021-07-12 


CVE-2020-4938 


CONFIRM 
XF





ibm -- tivoli_netcool/impact


IBM Tivoli Netcool/Impact 7.1.0.20 and 7.1.0.21 uses an
insecure SSH server configuration which enables weaker than
expected cryptographic algorithms that could allow an attacker 
to decrypt highly sensitive information. IBM X-Force ID: 
203556. 


2021-07-12 


CVE-2021-29794 
XF
CONFIRM 








Icinga Web 2 is an open source monitoring web interface, framework, and command-line interface. A vulnerability in which custom variables are exposed to unauthorized users exists between versions 2.0.0 and 2.8.2. Custom variables are user-defined keys and values on configuration objects in Icinga 2. These are commonly used to reference secrets in other configurations such as check commands to be able to authenticate with a service being checked. Icinga Web 2 displays these custom variables to logged in users with access to said hosts or services. In order to protect the secrets from being visible to anyone, it's possible to set up protection rules and blacklists in a user's role. Protection rules result in **** being shown instead of the original value, the key will remain. Blacklists will hide a custom variable entirely from the user. Besides using the UI, custom variables can also be accessed differently by using an undocumented URL parameter. By adding a parameter to the affected routes, Icinga Web 2 will show these columns additionally in the respective list. This parameter is also respected when exporting to JSON or CSV. Protection rules and blacklists however have no effect in this case. Custom variables are shown as-is in the result. The issue has been fixed in the 2.9.0, 2.8.3, and 2.7.5 releases. As a workaround, one may set up a restriction to hide hosts and services with the custom variable in question.

4

CVE-2021-32747
MISC
CONFIRM
MISC


ipfire -- ipfire

Lightning Wire Labs IPFire 2.21 (x86_64) - Core Update 130 is affected by: Cross Site Scripting (XSS). The impact is: Session Hijacking (local). The component is: Affected at Routing configuration via the "Remark" text box or "remark" parameter. The attack vector is: Attacker needs to craft the malicious javascript code.

2021-07-12

4.3

MISC


jsish -- jsish

Stack overflow vulnerability in function jsi_evalcode_sub in jsish before 3.0.18, allows remote attackers to cause a Denial of Service via a crafted value to the execute parameter.

2021-07-13

5


kaseya -- vsa

SQL injection exists in Kaseya VSA before 9.5.6.

2021-07-09

6.5


kaseya -- vsa

Local file inclusion exists in Kaseya VSA before 9.5.6.

2021-07-09

6.5


kaseya -- vsa

Kaseya VSA through 9.5.7 allows attackers to bypass the 2FA requirement.

2021-07-09

5

CVE-2021-30120
MISC


kaseya -- vsa

An XML External Entity (XXE) issue exists in Kaseya VSA

2021-07-09

6.5


linecorp -- line

LINE client for iOS before 10.16.3 allows cross site script with specific header in WebView.

2021-07-13

4.3

CVE-2021-36214
MISC





linuxfoundation -- grpc_swift 


Mismanaged state in GRPCWebToHTTP2ServerCodec.swift in
gRPC Swift 1.1.0 and 1.1.1 allows remote attackers to deny 
service by sending malformed requests. 


2021-07-09 


CVE-2021-36153 


MISC 
MISC 
MISC 





linuxfoundation -- grpc_swift 


LengthPrefixedMessageReader in gRPC Swift 1.1.0 and earlier
allocates buffers of arbitrary length, which allows remote
attackers to cause uncontrolled resource consumption and 
deny service. 


2021-07-09 


CVE-2021-36155 


MISC 
MISC 
MISC 





linuxfoundation -- grpc_swift 


HTTP2ToRawGRPCServerCodec in gRPC Swift 1.1.1 and
earlier allows remote attackers to deny service via the delivery
of many small messages within a single HTTP/2 frame, leading 
to Uncontrolled Recursion and stack consumption. 


2021-07-09 




CVE-2021-36154 


MISC 
MISC 
MISC 





linuxptp_project -- linuxptp

A flaw was found in the ptp4l program of the linuxptp package. When ptp4l is operating on a little-endian architecture as a PTP transparent clock, a remote attacker could send a crafted one-step sync message to cause an information leak or crash. The highest threat from this vulnerability is to data confidentiality and system availability. This flaw affects linuxptp versions before 3.1.1 and before 2.0.1.

2021-07-09

5.5

CVE-2021-3571
MISC
FEDORA
FEDORA


SQL Injection vulnerability in MetInfo 7.0.0beta via admin/?n=language&c=language_web&a=doAddLanguage.

2021-07-12

6.5

CVE-2020-21131
MISC
MISC





microfocus -- netiq_advanced_authentication


Multi-Factor Authentication (MFA) functionality can be 
bypassed, allowing the use of single factor authentication in 
NetIQ Advanced Authentication versions prior to 6.3 SP4 Patch 
1. 


2021-07-12 




CVE-2021-22515 
CONFIRM 





microsoft -- bing

Microsoft Bing Search Spoofing Vulnerability

2021-07-14

4.3

CVE-2021-33753
MISC


microsoft -- exchange_server

Microsoft Exchange Information Disclosure Vulnerability

2021-07-14

CVE-2021-33766
MISC
MISC


microsoft -- exchange_server

Microsoft Exchange Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2021-31206, CVE-2021-34473.

2021-07-14

6.5

CVE-2021-31196
MISC


microsoft -- exchange_server

Microsoft Exchange Server Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2021-34470, CVE-2021-34523.

2021-07-14

5.2

CVE-2021-33768
MISC





microsoft -- hevc_video_extensions


HEVC Video Extensions Remote Code Execution Vulnerability.
This CVE ID is unique from CVE-2021-31947, CVE-2021-33775,
CVE-2021-33776, CVE-2021-33777.


2021-07-14 


CVE-2021-33778 


MISC 








microsoft -- hevc_video_extensions

HEVC Video Extensions Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2021-31947, CVE-2021-33776, CVE-2021-33777, CVE-2021-33778.

2021-07-14

6.8

MISC


microsoft -- hevc_video_extensions

HEVC Video Extensions Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2021-31947, CVE-2021-33775, CVE-2021-33777, CVE-2021-33778.

2021-07-14

6.8

MISC


microsoft -- hevc_video_extensions

HEVC Video Extensions Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2021-31947, CVE-2021-33775, CVE-2021-33776, CVE-2021-33778.

2021-07-14

6.8

MISC


microsoft -- hevc_video_extensions

HEVC Video Extensions Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2021-33775, CVE-2021-33776, CVE-2021-33777, CVE-2021-33778.

2021-07-14

6.8

MISC


microsoft -- open_enclave_software_developm

Open Enclave SDK Elevation of Privilege Vulnerability

2021-07-14

4.6

CVE-2021-33767
MISC


microsoft -- power_bi_report_server

Power BI Remote Code Execution Vulnerability

2021-07-14

6.8

CVE-2021-31984
MISC


microsoft -- windows_10

Windows Remote Access Connection Manager Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2021-33773, CVE-2021-34445, CVE-2021-34456.

2021-07-14

4.6

CVE-2021-33761
MISC
MISC


microsoft -- windows_10

Windows TCP/IP Driver Denial of Service Vulnerability. This CVE ID is unique from CVE-2021-33772, CVE-2021-34490.

2021-07-14

CVE-2021-31183
MISC


microsoft -- windows_10

Windows Desktop Bridge Elevation of Privilege Vulnerability

2021-07-14

MISC
microsoft -- windows_10

Storage Spaces Controller Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2021-34460, CVE-2021-34510, CVE-2021-34512, CVE-2021-34513.

2021-07-14

4.6

CVE-2021-33751
MISC


microsoft -- windows_10

Windows Projected File System Elevation of Privilege Vulnerability

2021-07-14

4.6

CVE-2021-33743
MISC


microsoft -- windows_10

Windows Event Tracing Elevation of Privilege Vulnerability

2021-07-14

4.6


microsoft -- windows_10

Windows Remote Access Connection Manager Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2021-33761, CVE-2021-34445, CVE-2021-34456.

2021-07-14

4.6

CVE-2021-33773
MISC


microsoft -- windows_10

Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability

2021-07-14

4.6

CVE-2021-33784
MISC


microsoft -- windows_10

Windows Authenticode Spoofing Vulnerability

2021-07-14

4.3


microsoft -- windows_10

Windows DNS Snap-in Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2021-33749, CVE-2021-33750, CVE-2021-33756.

2021-07-14

6.8

CVE-2021-33752
MISC




microsoft -- windows_10 


Windows Hyper-V Denial of Service Vulnerability. This CVE ID
is unique from CVE-2021-33755.


2021-07-14


CVE-2021-33758 


MISC 





microsoft -- windows_10

Windows TCP/IP Driver Denial of Service Vulnerability. This CVE ID is unique from CVE-2021-31183, CVE-2021-34490.

2021-07-14

CVE-2021-33772
MISC


microsoft -- windows_10

Windows DNS Snap-in Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2021-33749, CVE-2021-33750, CVE-2021-33752.

2021-07-14

6.8

CVE-2021-33756
MISC


microsoft -- windows_10

Windows Hyper-V Denial of Service Vulnerability. This CVE ID is unique from CVE-2021-33758.

2021-07-14

CVE-2021-33755
MISC


microsoft -- windows_10

Windows SMB Information Disclosure Vulnerability

2021-07-14

4

MISC





microsoft -- windows_10 


Windows AF_UNIX Socket Provider Denial of Service 
Vulnerability 


2021-07-14 




CVE-2021-33785 


MISC 





microsoft -- windows_10 


Azure AD Security Feature Bypass Vulnerability 


2021-07-14 




CVE-2021-33781 


MISC 





microsoft -- windows_10 


Windows DNS Snap-in Remote Code Execution Vulnerability.
This CVE ID is unique from CVE-2021-33750, CVE-2021-33752,
CVE-2021-33756.


2021-07-14 


CVE-2021-33749 


MISC 








microsoft -- windows_10

Windows DNS Snap-in Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2021-33749, CVE-2021-33752, CVE-2021-33756.

2021-07-14

6.8

CVE-2021-33750
MISC


microsoft -- windows_server_2008

Windows DNS Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2021-33746, CVE-2021-33754, CVE-2021-34494, CVE-2021-34525.

2021-07-14

6.5

CVE-2021-33780
MISC


microsoft -- windows_server_2008

Windows Key Distribution Center Information Disclosure Vulnerability

2021-07-14

4.3

CVE-2021-33764
MISC


microsoft -- windows_server_2008

Windows DNS Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2021-33754, CVE-2021-33780, CVE-2021-34494, CVE-2021-34525.

2021-07-14

6.5

CVE-2021-33746
MISC


microsoft -- windows_server_2008

Windows DNS Server Denial of Service Vulnerability. This CVE ID is unique from CVE-2021-34442, CVE-2021-34444, CVE-2021-34499.

2021-07-14

4

CVE-2021-33745
MISC


microsoft -- windows_server_2008

Windows DNS Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2021-33746, CVE-2021-33780, CVE-2021-34494, CVE-2021-34525.

2021-07-14

6

CVE-2021-33754
MISC


microsoft -- windows_server_2016

Windows ADFS Security Feature Bypass Vulnerability

2021-07-14

5.5


mikrotik -- routeros

Mikrotik RouterOs before stable version 6.47 suffers from a memory corruption vulnerability in the /nova/bin/lcdstat process. An authenticated remote attacker can cause a Denial of Service (NULL pointer dereference). NOTE: this is different from CVE-2020-20253 and CVE-2020-20254. All four vulnerabilities in the /nova/bin/lcdstat process are discussed in the CVE-2020-20250 github.com/cq674350529 reference.

2021-07-13

4

CVE-2020-20250
MISC
MISC


mikrotik -- routeros

Mikrotik RouterOs before stable version 6.47 suffers from a memory corruption vulnerability in the /nova/bin/lcdstat process. An authenticated remote attacker can cause a Denial of Service (NULL pointer dereference).

2021-07-13

4

CVE-2020-20252
MISC
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Nextcloud users. The vulnerability is patched in versions 
19.0.13, 20.0.11, and 21.0.3. No workarounds aside from 





upgrading are known to exist. 














Primary ee . CVSS Source & Patch 
Vendor -- Product Deer npnen Published | Score Info 
[A command injection vulnerability in the sandcat plugin of 
mitre -- caldera Caldera 2.3.1 and earlier allows authenticated attackers to 2021-07-12 65 ogee 
execute any command or service. -——— 
Issue was discovered in the fxParserTree function in moddable, 
eddable<miendable allows attackers to cause denial of service via a crafted 2021-07-13 5 CVE-2020-22882 
payload. Fixed in commit MISC 
723816ab9b52f807 1 80c99fc69c7d08cf6c6bd61. 
Nextcloud Android Client is the Android client for Nextcloud. 
Clients using the Nextcloud end-to-end encryption feature 
download the public and private key via an API endpoint. In 
versions prior to 3.16.1, the Nextcloud Android client skipped a CVE-2021-32727 
step that involved the client checking if a private key belonged CONFIRM 
nextcloud -- nextcloud to a previously downloaded public certificate. If the Nextcloud 2021-07-12 a MISC 
instance served a malicious public key, the data would be MISC 
encrypted for this key and thus could be accessible to a MISC 
malicious actor. The vulnerability is patched in version 3.16.1. 
As a workaround, do not add additional end-to-end encrypted 
devices to a user account. 
Nextcloud Mail is a mail app for Nextcloud. In versions prior to 
1.9.6, the Nextcloud Mail application does not, by default, 
render images in emails to not leak the read state. The privacy CVE-2021-32707 
_ : filter failed to filter images with a ‘background-image’ CSS “Az: MISC 
nexcloud snescoud sal attribute. Note that the images were still passed through the anette 4 MISC 
Nextcloud image proxy, and thus there was no IP leakage. The CONFIRM 
issue was patched in version 1.9.6 and 1.10.0. No 
workarounds are known to exist. 
Nextcloud Text is a collaborative document editing application 
that uses Markdown. A cross-site scripting vulnerability is 
present in versions prior to 19.0.13, 20.0.11, and 21.0.3. The 
Nextcloud Text application shipped with Nextcloud server used CVE-2021-32733 
= a ‘text/html’ Content-Type when serving files to users. Due the 07. MISC 
Hee tclond ner eloue Serer strict Content-Security-Policy shipped with Nextcloud, this issue eer Ne 4.3 MISC 
is not exploitable on modern browsers supporting Content- CONFIRM 
Security-Policy. The issue was fixed in versions 19.0.13, 
20.0.11, and 21.0.3. As a workaround, use a browser that has 
support for Content-Security-Policy. 
Nextcloud Server is a Nextcloud package that handles data 
storage. In versions prior to 19.0.13, 20.011, and 21.0.3, there CVE-2021-32703 
was a lack of ratelimiting on the shareinfo endpoint. This may CONFIRM 
Hextcloud nesteloua Sener have allowed an attacker to enumerate potentially valid share eee 5 MISC 
tokens. The issue was fixed in versions 19.0.13, 20.0.11, and MISC 
21.0.3. There are no known workarounds. 
Nextcloud Server is a Nextcloud package that handles data 
storage. In versions prior to 19.0.13, 20.011, and 21.0.3, there CVE-2021-32705 
was a lack of ratelimiting on the public DAV endpoint. This may MISC 
nextcloud -- nextcloud_server have allowed an attacker to enumerate potentially valid share Serle 5 MISC 
tokens or credentials. The issue was fixed in versions 19.0.13, CONFIRM 
20.0.11, and 21.0.3. There are no known workarounds. 
nextcloud -- nextcloud_server

Nextcloud Server is a Nextcloud package that handles data
storage. In versions prior to 19.0.13, 20.0.11, and 21.0.3,
filenames were not escaped by default in controllers using
'DownloadResponse'. When a user-supplied filename was
passed unsanitized into a 'DownloadResponse', this could be
used to trick users into downloading malicious files with a
benign file extension. This would show in UI behaviours where
Nextcloud applications would display a benign file extension
(e.g. JPEG), but the file will actually be downloaded with an
executable file extension. The vulnerability is patched in
versions 19.0.13, 20.0.11, and 21.0.3. Administrators of
Nextcloud instances do not have a workaround available, but
developers of Nextcloud apps may manually escape the file
name before passing it into 'DownloadResponse'.

6.8

CVE-2021-32679
CONFIRM
MISC
MISC

nextcloud -- nextcloud_server

Nextcloud Server is a Nextcloud package that handles data
storage. In versions prior to 19.0.13, 20.0.11, and 21.0.3,
ratelimits are not applied to OCS API responses. This affects
any OCS API controller ('OCSController') using the
'@BruteForceProtection' annotation. Risk depends on the
installed applications on the Nextcloud Server, but could range
from bypassing authentication ratelimits or spamming other

CVE-2021-32678
MISC
MISC
CONFIRM

result in a full path disclosure on shared files. The issue was
fixed in versions 19.0.13, 20.0.11, and 21.0.3. As a
workaround, one may disable the Nextcloud Text application in
Nextcloud Server app settings.


nextcloud -- nextcloud_server

Nextcloud Server is a Nextcloud package that handles data
storage. In versions prior to 19.0.13, 20.0.11, and 21.0.3, there
was a lack of ratelimiting on the public share link mount
endpoint. This may have allowed an attacker to enumerate
potentially valid share tokens. The issue was fixed in versions
19.0.13, 20.0.11, and 21.0.3. There are no known
workarounds.

2021-07-12

5

MISC
CONFIRM

nextcloud -- nextcloud_server

Nextcloud Server is a Nextcloud package that handles data
storage. In versions prior to 19.0.13, 20.0.11, and 21.0.3, the
Nextcloud Text application shipped with Nextcloud Server
returned verbatim exception messages to the user. This could

2021-07-12

CVE-2021-32734
CONFIRM
MISC
MISC








nextcloud -- nextcloud_server 


Nextcloud Server is a Nextcloud package that handles data 
storage. In versions prior to 19.0.13, 20.0.11, and 21.0.3, default
share permissions were not being respected for federated 
reshares of files and folders. The issue was fixed in versions 
19.0.13, 20.0.11, and 21.0.3. There are no known 
workarounds. 


2021-07-12 


CVE-2021-32725 
CONFIRM 

MISC 

MISC 





nextcloud -- talk 


Nextcloud Talk is a fully on-premises audio/video and chat 
communication service. In versions prior to 11.2.2, if a user was 
able to reuse an earlier used username, they could get access 
to any chat message sent to the previous user with this 
username. The issue was patched in versions 11.2.2 and 
11.3.0. As a workaround, don't allow users to choose 
usernames themselves. This is the default behaviour of 
Nextcloud, but some user providers may allow doing so. 


2021-07-12 


CVE-2021-32689 
MISC 

MISC 

MISC 

CONFIRM 

MISC 





nodejs -- node.js 


Node.js before 16.4.1, 14.17.2, 12.22.2 is vulnerable to an
out-of-bounds read when uv__idna_toascii() is used to convert
strings to ASCII. The pointer p is read and increased without 
checking whether it is beyond pe, with the latter holding a 
pointer to the end of the buffer. This can lead to information 
disclosures or crashes. This function can be triggered via 
uv_getaddrinfo(). 


2021-07-12 


CVE-2021-22918 
MISC 
MISC 










nodejs -- node.js


Node.js before 16.4.1, 14.17.2, and 12.22.2 is vulnerable to
local privilege escalation attacks under certain conditions on
Windows platforms. More specifically, improper configuration of
permissions in the installation directory allows an attacker to
perform two different escalation attacks: PATH and DLL
hijacking.


CVE-2021-22921





openvpn -- openvpn


OpenVPN 3 Core Library version 3.6 and 3.6.1 allows a
man-in-the-middle attacker to bypass the certificate authentication
by issuing an unrelated server certificate using the same
hostname found in the verify-x509-name option in a client
configuration.


2021-07-12


CVE-2021-3547
MISC
MISC





panasonic -- fpwin_pro


Panasonic FPWIN Pro, all Versions 7.5.1.1 and prior, allows an 


attacker to craft a project file specifying a URI that causes the 
XML parser to access the URI and embed the contents, which 
may allow the attacker to disclose information that is accessible 
in the context of the user executing software. 


2021-07-09 


CVE-2021-32972 
MISC 








pbootcms -- pbootcms 


Incorrect Access Control vulnerability in PbootCMS 2.0.6 via 
the list parameter in the update function in 
upgradecontroller.php. 


2021-07-09 


CVE-2020-22535 
MISC 





pfsense -- pfsense 


Netgate pfSense Community Edition 2.4.4 - p2 (arm64) is 


affected by: Cross Site Scripting (XSS). The impact is: Session 
Hijacking, Information Leakage (local). The component is: 
pfSense Dashboard, Work-on-LAN Service configuration. The 
attack vector is: Inject the malicious JavaScript code in 
Description text box or parameter. 


2021-07-12 


CVE-2020-19203 
MISC 
MISC 








plugin-planet -- prismatic 


The Prismatic WordPress plugin before 2.8 does not escape 
the 'tab' GET parameter before outputting it back in an 
attribute, leading to a reflected Cross-Site Scripting issue which 
will be executed in the context of a logged in administrator 


2021-07-12 


CVE-2021-24409 
CONFIRM 








pluginus --
wordpress_meta_data_and_taxonomies_filter


Cross-site request forgery (CSRF) vulnerability in WordPress
Meta Data Filter & Taxonomies Filter versions prior to v.1.2.8
and versions prior to v.2.2.8 allows remote attackers to hijack
the authentication of administrators via unspecified vectors.








2021-07-14 








CVE-2021-20781 
MISC 
MISC 







MISC 








putty -- putty 


PuTTY through 0.75 proceeds with establishing an SSH 
session even if it has never sent a substantive authentication 
response. This makes it easier for an attacker-controlled SSH 
server to present a later spoofed authentication prompt (that 
the attacker can use to capture credential data, and use that 
data for purposes that are undesired by the client user). 


2021-07-09 


CVE-2021-36367 
MISC 
MISC 





qualcomm -- apq8009_firmware


Denial of service in SAP case due to improper handling of
connections when association is rejected in Snapdragon Auto,
Snapdragon Compute, Snapdragon Connectivity, Snapdragon
Consumer Electronics Connectivity, Snapdragon Consumer
IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon
Mobile, Snapdragon Voice & Music, Snapdragon Wearables


2021-07-13 


CVE-2021-1955 
CONFIRM 








qualcomm -- apq8053_firmware


Possible out of bound read due to lack of length check of FT 
sub-elements in Snapdragon Auto, Snapdragon Compute, 
Snapdragon Connectivity, Snapdragon Consumer IOT, 
Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon 
Voice & Music 


2021-07-13 


CVE-2021-1970 
CONFIRM 








qualcomm -- apq8053_firmware


Possible buffer overflow due to lack of length check in BA 
request in Snapdragon Auto, Snapdragon Compute, 
Snapdragon Connectivity, Snapdragon Consumer IOT, 
Snapdragon Industrial IOT, Snapdragon Mobile 


2021-07-13 


CVE-2021-1907 
CONFIRM 








qualcomm -- apq8053_firmware


Possible buffer over read due to improper validation of IE size 
while parsing beacon from peer device in Snapdragon Auto, 
Snapdragon Compute, Snapdragon Connectivity, Snapdragon 
Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, 
Snapdragon Wired Infrastructure and Networking 


2021-07-13 


CVE-2021-1964 
CONFIRM 





qualcomm -- apq8053_firmware


Possible buffer out of bound read can occur due to improper 


validation of TBTT count and length while parsing the beacon 
response in Snapdragon Auto, Snapdragon Compute, 
Snapdragon Connectivity, Snapdragon Industrial IOT,
Snapdragon Mobile, Snapdragon Wired Infrastructure and 
Networking 


2021-07-13 


CVE-2021-1943 
CONFIRM 








qualcomm -- apq8053_firmware 


Possible buffer over read due to improper validation of data 
pointer while parsing FILS indication IE in Snapdragon Auto, 
Snapdragon Compute, Snapdragon Connectivity, Snapdragon 
Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, 
Snapdragon Wired Infrastructure and Networking 


2021-07-13 


CVE-2021-1954 
CONFIRM 





qualcomm -- apq8053_firmware


Possible out of bound read due to lack of length check of
Bandwidth-NSS IE in Snapdragon Auto, Snapdragon Compute,
Snapdragon Connectivity, Snapdragon Consumer IOT,
Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon
Voice & Music, Snapdragon Wired Infrastructure and
Networking 


2021-07-13 


CVE-2021-1945 
CONFIRM 





qualcomm -- aqt1000_firmware


Improper handling of received malformed FTMR request frame 


can lead to reachable assertion while responding with FTM1 
frame in Snapdragon Auto, Snapdragon Compute, Snapdragon 
Connectivity, Snapdragon Consumer Electronics Connectivity, 
Snapdragon Consumer IOT, Snapdragon Industrial IOT, 
Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon 
Wired Infrastructure and Networking 


2021-07-13 


CVE-2021-1953 
CONFIRM 








qualcomm -- aqt1000_firmware


Possible assertion due to improper verification while creating
and deleting the peer in Snapdragon Auto, Snapdragon
Compute, Snapdragon Connectivity, Snapdragon Consumer
Electronics Connectivity, Snapdragon Consumer IOT,
Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon
Voice & Music, Snapdragon Wired Infrastructure and
Networking 


2021-07-13 


CVE-2021-1938 
CONFIRM 





qualcomm -- ar7420_firmware


An assertion can be reached in the WLAN subsystem while
using the Wi-Fi Fine Timing Measurement protocol in
Snapdragon Wired Infrastructure and Networking


2021-07-13


5


CVE-2021-1887
CONFIRM





quickjs_project -- quickjs


Buffer Overflow vulnerability in quickjs.c in QuickJS, allows
remote attackers to cause denial of service. This issue is
resolved in the 2020-07-05 release.


2021-07-13


MISC








redhat -- keycloak 





A flaw was found in keycloak-model-infinispan in keycloak 
versions before 14.0.0 where authenticationSessions map in 
RootAuthenticationSessionEntity grows boundlessly which 





could lead to a DoS attack. 








2021-07-09 










CVE-2021-3637 
MISC 
restsharp -- restsharp


RestSharp < 106.11.8-alpha.0.13 uses a regular expression
which is vulnerable to Regular Expression Denial of Service
(ReDoS) when converting strings into DateTimes. If a server
responds with a malicious string, the client using RestSharp will
be stuck processing it for an exceedingly long time. Thus the
remote server can trigger Denial of Service.


2021-07-12


CVE-2021-27293
MISC
MISC





retty -- retty


Retty App for Android versions prior to 4.8.13 and Retty App for
iOS versions prior to 4.11.14 uses a hard-coded API key for an
external service. By exploiting this vulnerability, API key for an
external service may be obtained by analyzing data in the app.


2021-07-14


CVE-2021-20748
MISC
MISC





retty -- retty


Improper authorization in handler for custom URL scheme
vulnerability in Retty App for Android versions prior to 4.8.13
and Retty App for iOS versions prior to 4.11.14 allows a remote
attacker to lead a user to access an arbitrary website via the
vulnerable App.


2021-07-14 


CVE-2021-20747 
MISC 
MISC 








rockwellautomation -- 
micrologix_1100_firmware


Rockwell Automation MicroLogix 1100, all versions, allows a 
remote, unauthenticated attacker sending specially crafted 
commands to cause the PLC to fault when the controller is 
switched to RUN mode, which results in a denial-of-service 
condition. If successfully exploited, this vulnerability will cause 
the controller to fault whenever the controller is switched to 
RUN mode. 


2021-07-09 


CVE-2021-33012 
MISC 








salonbookingsystem -- 
salon_booking_system 


The Salon booking system WordPress plugin before 6.3.1 does 
not properly sanitise and escape the First Name field when 
booking an appointment, allowing low privilege users such as 
subscriber to set JavaScript in them, leading to a Stored Cross- 
Site Scripting (XSS) vulnerability. The Payload will then be 
triggered when an admin visits the "Calendar" page and the 
malicious script is executed in the admin context. 


2021-07-12 


CVE-2021-24429 
CONFIRM 





sap -- 
3d_visual_enterprise_viewer 


SAP 3D Visual Enterprise Viewer, version - 9, allows a user to 


open manipulated CGM file received from untrusted sources 
which causes out of bounds write and causes the application to 
crash and becoming temporarily unavailable until the user 
restarts the application. 


2021-07-14 


CVE-2021-33681 
MISC 
MISC 








sap -- 
3d_visual_enterprise_viewer 


SAP 3D Visual Enterprise Viewer, version - 9, allows a user to 
open manipulated CGM file received from untrusted sources 
which causes buffer overflow and causes the application to 
crash and becoming temporarily unavailable until the user 
restarts the application. 


2021-07-14 


CVE-2021-33680 
MISC 
MISC 





sap -- 
businessobjects_web_intelligence


Under certain conditions, SAP Business Objects Web 
Intelligence (BI Launchpad) versions - 420, 430, allows an 
attacker to access jsp source code, through SDK calls, of 
Analytical Reporting bundle, a part of the frontend application, 
which would otherwise be restricted. 


2021-07-14 


CVE-2021-33667 
MISC 
MISC 








sap --
customer_relationship_management


A missing authority check in SAP CRM, versions - 700, 701,
702, 712, 713, 714, could be leveraged by an attacker with
high privileges to compromise confidentiality, integrity, or
availability of the system.


2021-07-14 


CVE-2021-33676 
MISC 
MISC 








sap -- netweaver_abap 


SAP NetWeaver ABAP Server and ABAP Platform, versions - 
700, 702, 730, 731, 804, 740, 750, 784, expose functions to 
external which can lead to information disclosure. 


2021-07-14 


CVE-2021-33677 
MISC 
MISC 








sap --
netweaver_application_server_java


When user with insufficient privileges tries to access any
application in SAP NetWeaver Administrator (Administrator
applications), version - 7.50, no security audit log is created.
Therefore, security audit log Integrity is impacted.


2021-07-14 


CVE-2021-33689 
MISC 
MISC 








sap --
netweaver_application_server_java


SAP NetWeaver AS for Java (Http Service Monitoring Filter),
versions - 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, allows an
attacker to send multiple HTTP requests with different method
types thereby crashing the filter and making the HTTP server
unavailable to other legitimate users leading to denial of
service vulnerability.


2021-07-14 


CVE-2021-33670 
MISC 
MISC 





sap --
netweaver_application_server_java


SAP NetWeaver AS JAVA (Enterprise Portal), versions - 7.10,
7.20, 7.30, 7.31, 7.40, 7.50 reveals sensitive information in one
of their HTTP requests, an attacker can use this in conjunction
with other attacks such as XSS to steal this information.


CVE-2021-33687
MISC
MISC





sap --
netweaver_guided_procedures


SAP NetWeaver Guided Procedures (Administration Workset), 
versions - 7.10, 7.20, 7.30, 7.31, 7.40, 7.50, does not perform 
necessary authorization checks for an authenticated user, 
resulting in escalation of privileges. The impact of missing 
authorization could result to abuse of functionality restricted to 
a particular user group, and could allow unauthorized users to 
read, modify or delete restricted data. 


2021-07-14 


CVE-2021-33671 
MISC 
MISC 








segment -- is-email 


A ReDoS (regular expression denial of service) flaw was found
in the Segment is-email package before 1.0.1 for Node.js. An 
attacker that is able to provide crafted input to the 
isEmail(input) function may cause an application to consume 
an excessive amount of CPU. 


2021-07-14 




CVE-2021-36716 
MISC 
CONFIRM 








siemens -- jt2go 


A vulnerability has been identified in JT2Go (All versions < 
V13.2), Teamcenter Visualization (All versions < V13.2). The
BMP_loader.dll library in affected applications lacks proper 
validation of user-supplied data when parsing SGI files. This 
could result in an out of bounds write past the end of an 
allocated structure. An attacker could leverage this vulnerability 
to execute code in the context of the current process. (ZDI- 
CAN-13404) 


2021-07-13 




CVE-2021-34319 
CONFIRM 








siemens -- jt2go 


A vulnerability has been identified in JT2Go (All versions < 
V13.2), Teamcenter Visualization (All versions < V13.2). The 
Jt981.dll library in affected applications lacks proper validation 
of user-supplied data when parsing JT files. This could result in 
an out of bounds write past the end of an allocated structure. 
An attacker could leverage this vulnerability to execute code in 
the context of the current process. (ZDI-CAN-13442) 


2021-07-13 




CVE-2021-34331 
CONFIRM 





siemens -- jt2go 


A vulnerability has been identified in JT2Go (All versions < 


V13.2), Teamcenter Visualization (All versions < V13.2). The
Jt981.dll library in affected applications lacks proper validation 
of user-supplied data prior to performing further free operations 
on an object when parsing JT files. An attacker could leverage 
this vulnerability to execute code in the context of the current 
process. (ZDI-CAN-13430) 


2021-07-13 


CVE-2021-34330 
CONFIRM 








siemens -- jt2go 


A vulnerability has been identified in JT2Go (All versions < 
V13.2), Solid Edge SE2021 (All Versions < SE2021MP5),
Teamcenter Visualization (All versions < V13.2). The 
plmxmlAdapterSE70.dll library in affected applications lacks 
proper validation of user-supplied data when parsing PAR files. 
This could result in an out of bounds write past the fixed-length 
heap-based buffer. An attacker could leverage this vulnerability 
to execute code in the context of the current process. (ZDI- 
CAN-13427) 


2021-07-13 


CVE-2021-34329 
CONFIRM 
CONFIRM 





siemens -- jt2go 


A vulnerability has been identified in JT2Go (All versions < 


V13.2), Teamcenter Visualization (All versions < V13.2). The
Tiff_Loader.dll library in affected applications lacks proper 
validation of user-supplied data when parsing TIFF files. This 
could result in an out of bounds read past the end of an 
allocated buffer. An attacker could leverage this vulnerability to 
leak information in the context of the current process. (ZDI- 
CAN-13199) 


2021-07-13 


CVE-2021-34304 
CONFIRM 








siemens -- jt2go 


A vulnerability has been identified in JT2Go (All versions < 
V13.2), Solid Edge SE2021 (All Versions < SE2021MP5),
Teamcenter Visualization (All versions < V13.2). The 
plmxmlAdapterSE70.dll library in affected applications lacks 
proper validation of user-supplied data when parsing PAR files. 
This could result in an out of bounds write past the fixed-length 
heap-based buffer. An attacker could leverage this vulnerability 
to execute code in the context of the current process. (ZDI- 
CAN-13422) 


2021-07-13 


CVE-2021-34326 
CONFIRM 
CONFIRM 





siemens -- jt2go 











A vulnerability has been identified in JT2Go (All versions < 


V13.2), Teamcenter Visualization (All versions < V13.2). The
Jt981.dll library in affected applications lacks proper validation 
of user-supplied data prior to performing further free operations 
on an object when parsing JT files. An attacker could leverage 
this vulnerability to execute code in the context of the current 
process. (ZDI-CAN-13420) 








2021-07-13 











CVE-2021-34324 
CONFIRM 
siemens -- jt2go


A vulnerability has been identified in JT2Go (All versions <
V13.2), Teamcenter Visualization (All versions < V13.2). The
Jt981.dll library in affected applications lacks proper validation 
of user-supplied data when parsing JT files. This could result in 
an out of bounds write past the end of an allocated structure. 
An attacker could leverage this vulnerability to execute code in 
the context of the current process. (ZDI-CAN-13419) 


2021-07-13 


CVE-2021-34323 
CONFIRM 








siemens -- jt2go 


A vulnerability has been identified in JT2Go (All versions < 
V13.2), Teamcenter Visualization (All versions < V13.2). The
DL180CoolType.dll library in affected applications lacks proper
validation of user-supplied data when parsing PDF files. This 
could result in an out of bounds write past the end of an 
allocated structure. An attacker could leverage this vulnerability 
to execute code in the context of the current process. (ZDI- 
CAN-13380) 


2021-07-13 


CVE-2021-34316 
CONFIRM 








siemens -- jt2go 


A vulnerability has been identified in JT2Go (All versions < 
V13.2), Solid Edge SE2021 (All Versions < SE2021MP5),
Teamcenter Visualization (All versions < V13.2). The 
plmxmlAdapterSE70.dll library in affected applications lacks 
proper validation of user-supplied data when parsing ASM files. 
This could result in an out of bounds write past the fixed-length 
heap-based buffer. An attacker could leverage this vulnerability 
to execute code in the context of the current process. (ZDI- 
CAN-13423) 


2021-07-13 


CVE-2021-34327 
CONFIRM 
CONFIRM 








siemens -- jt2go 


A vulnerability has been identified in JT2Go (All versions < 
V13.2), Teamcenter Visualization (All versions < V13.2). The
Tiff_Loader.dll library in affected applications lacks proper 
validation of user-supplied data when parsing TIFF files. This 
could result in an out of bounds read past the end of an 
allocated buffer. An attacker could leverage this vulnerability to 
leak information in the context of the current process. (ZDI- 
CAN-13343) 


2021-07-13 


CVE-2021-34307 
CONFIRM 








siemens -- jt2go 


A vulnerability has been identified in JT2Go (All versions < 
V13.2), Teamcenter Visualization (All versions < V13.2). The
BMP_loader.dll library in affected applications lacks proper 
validation of user-supplied data when parsing SGI files. This 
could result in an out of bounds read past the end of an 
allocated buffer. An attacker could leverage this vulnerability to 
execute code in the context of the current process. (ZDI-CAN- 
13356) 


2021-07-13 


CVE-2021-34315 
CONFIRM 








siemens -- jt2go 


A vulnerability has been identified in JT2Go (All versions < 
V13.2), Teamcenter Visualization (All versions < V13.2). The
BMP_loader.dll library in affected applications lacks proper 
validation of user-supplied data when parsing SGI files. This 
could result in an out of bounds write past the end of an 
allocated structure. An attacker could leverage this vulnerability 
to execute code in the context of the current process. (ZDI- 
CAN-13355) 


2021-07-13 


CVE-2021-34314 
CONFIRM 








siemens -- jt2go 


A vulnerability has been identified in JT2Go (All versions < 
V13.2), Teamcenter Visualization (All versions < V13.2). The
Tiff_loader.dll library in affected applications lacks proper 
validation of user-supplied data when parsing TIFF files. This 
could result in an out of bounds write past the fixed-length 
heap-based buffer. An attacker could leverage this vulnerability 
to execute code in the context of the current process. (ZDI- 
CAN-13354) 


2021-07-13 


CVE-2021-34313 
CONFIRM 





siemens -- jt2go 


A vulnerability has been identified in JT2Go (All versions < 


V13.2), Teamcenter Visualization (All versions < V13.2). The
Tiff_loader.dll library in affected applications lacks proper 
validation of user-supplied data when parsing TIFF files. This 
could result in an out of bounds write past the fixed-length 
heap-based buffer. An attacker could leverage this vulnerability 
to execute code in the context of the current process. (ZDI- 
CAN-13353) 


2021-07-13 


CVE-2021-34312 
CONFIRM 





siemens -- jt2go 











A vulnerability has been identified in JT2Go (All versions < 


V13.2), Teamcenter Visualization (All versions < V13.2). The
Mono_loader.dll library in affected applications lacks proper 
validation of user-supplied data when parsing J2K files. This 
could result in an out of bounds write past the end of an 
allocated structure. An attacker could leverage this vulnerability 
to execute code in the context of the current process. (ZDI- 
CAN-13352) 








2021-07-13 











CVE-2021-34311 
CONFIRM 
siemens -- jt2go


A vulnerability has been identified in JT2Go (All versions <
V13.2), Teamcenter Visualization (All versions < V13.2). The
Tiff_loader.dll library in affected applications lacks proper 
validation of user-supplied data when parsing TIFF files. This 
could result in an out of bounds read past the end of an 
allocated buffer. An attacker could leverage this vulnerability to 
leak information in the context of the current process. (ZDI- 
CAN-13192) 


2021-07-13 


CVE-2021-34299 
CONFIRM 








siemens -- jt2go 


A vulnerability has been identified in JT2Go (All versions < 
V13.2), Teamcenter Visualization (All versions < V13.2). The
BMP_Loader.dll library in affected applications lacks proper 
validation of user-supplied data when parsing BMP files. This 
could result in an out of bounds read past the end of an 
allocated buffer. An attacker could leverage this vulnerability to 
leak information in the context of the current process. (ZDI- 
CAN-13197) 


2021-07-13 


CVE-2021-34302 
CONFIRM 








siemens -- jt2go 


A vulnerability has been identified in JT2Go (All versions < 
V13.2), Teamcenter Visualization (All versions < V13.2). The
Tiff_Loader.dll library in affected applications lacks proper 
validation of user-supplied data when parsing TIFF files. This 
could result in an out of bounds read past the end of an 
allocated buffer. An attacker could leverage this vulnerability to 
leak information in the context of the current process. (ZDI- 
CAN-13198) 


2021-07-13 


CVE-2021-34303 
CONFIRM 








siemens -- jt2go 


A vulnerability has been identified in JT2Go (All versions < 
V13.2), Teamcenter Visualization (All versions < V13.2). The
BMP_loader.dll library in affected applications lacks proper 
validation of user-supplied data when parsing PCT files. This 
could result in an out of bounds write past the end of an 
allocated structure. An attacker could leverage this vulnerability 
to execute code in the context of the current process. (ZDI- 
CAN-13403) 


2021-07-13 


CVE-2021-34318 
CONFIRM 








siemens -- jt2go 


A vulnerability has been identified in JT2Go (All versions < 
V13.2), Solid Edge SE2021 (All Versions < SE2021MP5),
Teamcenter Visualization (All versions < V13.2). The 
plmxmlAdapterSE70.dll library in affected applications lacks 
proper validation of user-supplied data when parsing PAR files. 
This could result in an out of bounds write past the fixed-length 
heap-based buffer. An attacker could leverage this vulnerability 
to execute code in the context of the current process. (ZDI- 
CAN-13424) 


2021-07-13 


CVE-2021-34328 
CONFIRM 
CONFIRM 








siemens -- jt2go 


A vulnerability has been identified in JT2Go (All versions < 
V13.2), Teamcenter Visualization (All versions < V13.2). The
BMP_loader.dll library in affected applications lacks proper
validation of user-supplied data when parsing PCX files. This
could result in an out of bounds write past the fixed-length 
heap-based buffer. An attacker could leverage this vulnerability 
to execute code in the context of the current process. (ZDI- 
CAN-13402) 


2021-07-13 


CVE-2021-34317 
CONFIRM 








siemens -- jt2go 


A vulnerability has been identified in JT2Go (All versions < 
V13.2), Teamcenter Visualization (All versions < V13.2). The
Gif_loader.dll library in affected applications lacks proper 
validation of user-supplied data when parsing GIF files. This 
could result in an out of bounds write past the end of an 
allocated structure. An attacker could leverage this vulnerability 
to execute code in the context of the current process. (ZDI- 
CAN-12956) 


2021-07-13 


CVE-2021-34291 
CONFIRM 








siemens -- jt2go 








A vulnerability has been identified in JT2Go (All versions < 
V13.2), Teamcenter Visualization (All versions < V13.2). The 
BMP_Loader.dll library in affected applications lacks proper 
validation of user-supplied data when parsing BMP files. This 
could result in an out of bounds read past the end of an 
allocated buffer. An attacker could leverage this vulnerability to 
execute code in the context of the current process. (ZDI-CAN- 
13057) 











2021-07-13 











CVE-2021-34296 
CONFIRM 
siemens -- jt2go


A vulnerability has been identified in JT2Go (All versions <
V13.2), Teamcenter Visualization (All versions < V13.2). The
Tiff_loader.dll library in affected applications lacks proper 
validation of user-supplied data when parsing TIFF files. This 
could result in an out of bounds read past the end of an 
allocated buffer. An attacker could leverage this vulnerability to 
execute code in the context of the current process. (ZDI-CAN- 
12959) 


2021-07-13 


CVE-2021-34292 
CONFIRM 








siemens -- jt2go 


A vulnerability has been identified in JT2Go (All versions < 
V13.2), Teamcenter Visualization (All versions < V13.2). The
VisDraw.dll library in affected applications lacks proper
validation of user-supplied data when parsing J2K files. This 
could result in an out of bounds read past the end of an 
allocated buffer. An attacker could leverage this vulnerability to 
leak information in the context of the current process. (ZDI- 
CAN-13414) 


2021-07-13 


CVE-2021-34321 
CONFIRM 








siemens -- jt2go 


A vulnerability has been identified in JT2Go (All versions < 
V13.2), Teamcenter Visualization (All versions < V13.2). The
Jt981.dll library in affected applications lacks proper validation 
of user-supplied data when parsing JT files. This could result in 
an out of bounds read past the end of an allocated buffer. An 
attacker could leverage this vulnerability to leak information in 
the context of the current process. (ZDI-CAN-13406) 


2021-07-13 


CVE-2021-34320 
CONFIRM 





siemens -- jt2go 


A vulnerability has been identified in JT2Go (All versions < 


V13.2), Teamcenter Visualization (All versions < V13.2). The
Jt981.dll library in affected applications lacks proper validation 
of user-supplied data when parsing JT files. This could result in 
an out of bounds read past the end of an allocated buffer. An 
attacker could leverage this vulnerability to leak information in 
the context of the current process. (ZDI-CAN-13421) 


2021-07-13 


CVE-2021-34325 
CONFIRM 








siemens -- jt2go 


A vulnerability has been identified in JT2Go (All versions < 
V13.2), Teamcenter Visualization (All versions < V13.2). The
BMP_Loader.dll library in affected applications lacks proper 
validation of user-supplied data when parsing BMP files. A 
malformed input file could result in an infinite loop condition 
that leads to denial of service condition. An attacker could 
leverage this vulnerability to consume excessive resources. 
(CNVD-C-2021-79300) 


2021-07-13 


CVE-2021-34332 
CONFIRM 








siemens -- jt2go 


A vulnerability has been identified in JT2Go (All versions < 
V13.2), Teamcenter Visualization (All versions < V13.2). The
BMP_Loader.dll library in affected applications lacks proper 
validation of user-supplied data when parsing BMP files. A 
malformed input file could result in double free of an allocated 
buffer that leads to a crash. An attacker could leverage this 
vulnerability to cause denial of service condition. (CNVD-C- 
2021-79295) 


2021-07-13 


CVE-2021-34333 
CONFIRM 








siemens -- jt2go 


A vulnerability has been identified in JT2Go (All versions < 
V13.2), Teamcenter Visualization (All versions < V13.2). The
Tiff_loader.dll library in affected applications lacks proper 
validation of user-supplied data when parsing TIFF files. This 
could result in an out of bounds write past the end of an 
allocated structure. An attacker could leverage this vulnerability 
to execute code in the context of the current process. (ZDI- 
CAN-13351) 


2021-07-13 


CVE-2021-34310 
CONFIRM 





siemens -- jt2go 


A vulnerability has been identified in JT2Go (All versions < 
13.2), Teamcenter Visualization (All versions < V13.2). The 
BMP_Loader.dll library in affected applications lacks proper 
validation of user-supplied data when parsing BMP files. This 
could result in an out of bounds read past the end of an 
allocated buffer. An attacker could leverage this vulnerability to 
leak information in the context of the current process. (ZDI- 
CAN-13344) 


2021-07-13 


CVE-2021-34308 
CONFIRM 





siemens -- jt2go 








A vulnerability has been identified in JT2Go (All versions <
13.2), Teamcenter Visualization (All versions < V13.2). The
JPEG2K_Loader.dll library in affected applications lacks proper
validation of user-supplied data when parsing J2K files. This
could result in an out of bounds read past the end of an
allocated buffer. An attacker could leverage this vulnerability to
leak information in the context of the current process. (ZDI-
CAN-13416)








2021-07-13 








CVE-2021-34322 
CONFIRM 





siemens -- jt2go


A vulnerability has been identified in JT2Go (All versions < 
13.2), Teamcenter Visualization (All versions < V13.2). The 
Tiff_loader.dll library in affected applications lacks proper 
validation of user-supplied data when parsing TIFF files. This 
could result in an out of bounds write past the end of an 
allocated structure. An attacker could leverage this vulnerability 
to execute code in the context of the current process. (ZDI- 
CAN-13350) 


2021-07-13 




CVE-2021-34309 
CONFIRM 








siemens -- jt2go 


A vulnerability has been identified in JT2Go (All versions < 
13.2), Teamcenter Visualization (All versions < V13.2). The 
Gif_loader.dll library in affected applications lacks proper 
validation of user-supplied data when parsing GIF files. This 
could result in an out of bounds write past the end of an 
allocated structure. An attacker could leverage this vulnerability 
to execute code in the context of the current process. (ZDI- 
CAN-13024) 


2021-07-13 




CVE-2021-34295 
CONFIRM 








siemens -- jt2go 


A vulnerability has been identified in JT2Go (All versions < 
13.2), Teamcenter Visualization (All versions < V13.2). The 
BMP_Loader.dll library in affected applications lacks proper 
validation of user-supplied data when parsing BMP files. This 
could result in a memory corruption condition. An attacker 
could leverage this vulnerability to execute code in the context 
of the current process. (ZDI-CAN-13342) 


2021-07-13 


CVE-2021-34306 
CONFIRM 





siemens -- jt2go 


A vulnerability has been identified in JT2Go (All versions <
13.2), Teamcenter Visualization (All versions < V13.2). The
Gif_loader.dll library in affected applications lacks proper 
validation of user-supplied data when parsing GIF files. This 
could result in an out of bounds write past the end of an 
allocated structure. An attacker could leverage this vulnerability 
to execute code in the context of the current process. (ZDI- 
CAN-13340) 


2021-07-13 


CVE-2021-34305 
CONFIRM 





siemens -- jt2go 


A vulnerability has been identified in JT2Go (All versions <
V13.2), Teamcenter Visualization (All versions < V13.2). The
Gif_loader.dll library in affected applications lacks proper 
validation of user-supplied data when parsing GIF files. This 
could result in an out of bounds write past the end of an 
allocated structure. An attacker could leverage this vulnerability 
to execute code in the context of the current process. (ZDI- 
CAN-13020) 


2021-07-13 


CVE-2021-34293 
CONFIRM 





siemens -- jt2go 


A vulnerability has been identified in JT2Go (All versions <
V13.2), Teamcenter Visualization (All versions < V13.2). The
BMP_Loader.dll library in affected applications lacks proper 
validation of user-supplied data prior to performing further free 
operations on an object when parsing BMP files. An attacker 
could leverage this vulnerability to execute code in the context 
of the current process. (ZDI-CAN-13196) 


2021-07-13 


CVE-2021-34301 
CONFIRM 





siemens -- jt2go 


A vulnerability has been identified in JT2Go (All versions < 
13.2), Teamcenter Visualization (All versions < V13.2). The 
Tiff_loader.dll library in affected applications lacks proper 
validation of user-supplied data when parsing TIFF files. This 
could result in an out of bounds write past the end of an 
allocated buffer. An attacker could leverage this vulnerability to 
execute code in the context of the current process. (ZDI-CAN- 
13194) 


2021-07-13 


CVE-2021-34300 
CONFIRM 





siemens -- jt2go 


A vulnerability has been identified in JT2Go (All versions < 
13.2), Teamcenter Visualization (All versions < V13.2). The 
BMP_Loader.dll library in affected applications lacks proper 
validation of user-supplied data prior to performing further free 
operations on an object when parsing BMP files. An attacker 
could leverage this vulnerability to execute code in the context 
of the current process. (ZDI-CAN-13060) 


2021-07-13 


CVE-2021-34298 
CONFIRM 








siemens -- jt2go 








A vulnerability has been identified in JT2Go (All versions <
V13.2), Teamcenter Visualization (All versions < V13.2). The
Gif_loader.dll library in affected applications lacks proper
validation of user-supplied data when parsing GIF files. This
could result in an out of bounds read past the end of an
allocated buffer. An attacker could leverage this vulnerability to
execute code in the context of the current process. (ZDI-CAN-
13023)








2021-07-13 








CVE-2021-34294 
CONFIRM 





siemens -- jt2go


A vulnerability has been identified in JT2Go (All versions <
V13.2), Teamcenter Visualization (All versions < V13.2). The
BMP_Loader.dll library in affected applications lacks proper
validation of user-supplied data when parsing BMP files. This
could result in an out of bounds write past the end of an
allocated structure. An attacker could leverage this vulnerability
to execute code in the context of the current process.
(ZDI-CAN-13059)


6.8


CVE-2021-34297
CONFIRM





sonicwall -- switch


Multiple Out-of-Bound read vulnerability in SonicWall Switch
when handling LLDP Protocol allows an attacker to cause a
system instability or potentially read sensitive information from
the memory locations.


6.5


CVE-2021-20024
CONFIRM





stormshield -- endpoint_security


Stormshield Endpoint Security Evolution 2.0.0 through 2.0.2
does not accomplish the intended defense against local
administrators who can replace the Visual C++ runtime DLLs
(in %WINDIR%\system32) with malicious ones.


2021-07-13


4.6


MISC





stormshield -- endpoint_security


SES Evolution before 2.1.0 allows deleting some resources not
currently in use by any security policy by leveraging access to a
computer having the administration console installed.


2021-07-13


4.3


CVE-2021-31225
MISC
MISC





tipsandtricks-hq -- software_license_manager


Cross-site request forgery (CSRF) vulnerability in Software
License Manager versions prior to 4.4.6 allows remote
attackers to hijack the authentication of administrators via
unspecified vectors.


2021-07-14


6.8


CVE-2021-20782
MISC
MISC
MISC





vmware -- cloud_foundation


SFCB (Small Footprint CIM Broker) as used in ESXi has an
authentication bypass vulnerability. A malicious actor with
network access to port 5989 on ESXi may exploit this issue to
bypass SFCB authentication by sending a specially crafted


2021-07-13


6.8


CVE-2021-21994
MISC





vmware -- cloud_foundation


OpenSLP as used in ESXi has a denial-of-service vulnerability
due to a heap out-of-bounds read issue. A malicious actor with
network access to port 427 on ESXi may be able to trigger a
heap out-of-bounds read in OpenSLP service resulting in a
denial-of-service condition.


2021-07-13


5


CVE-2021-21995
MISC





vmware -- thinapp


VMware Thinapp version 5.x prior to 5.2.10 contain a DLL
hijacking vulnerability due to insecure loading of DLLs. A
malicious actor with non-administrative privileges may exploit
this vulnerability to elevate privileges to administrator level on
the Windows operating system having VMware ThinApp
installed on it.


2021-07-13


6.9


CVE-2021-22000
MISC
FULLDISC





voidtools -- everything


HTTP header injection vulnerability in Everything all versions
except the Lite version may allow a remote attacker to inject an
arbitrary script or alter the website that uses the product via
unspecified vectors.


5.8


CVE-2021-20784
MISC
MISC
MISC





wayang-cms_project -- wayang-cms


A SQL injection vulnerability in
wy_controlls/wy_side_visitor.php of Wayang-CMS v1.0 allows
attackers to obtain sensitive database information.


2021-07-14


MISC





wayang-cms_project -- wayang-cms


A cross site scripting (XSS) vulnerability in index.php of 
Wayang-CMS v1.0 allows attackers to execute arbitrary web 
scripts or HTML via a constructed payload created by adding 
the X-Forwarded-For field to the header. 


2021-07-14 


CVE-2020-29146 
MISC 





Wire -- wire 


Wire is a collaboration platform. wire-ios-transport handles
authentication of requests, network failures, and retries for the
iOS implementation of Wire. In the 3.82 version of the iOS 
application, a new web socket implementation was introduced 
for users running iOS 13 or higher. This new websocket 
implementation is not configured to enforce certificate pinning 
when available. Certificate pinning for the new websocket is 
enforced in version 3.84 or above. 


2021-07-13 


CVE-2021-32755 
CONFIRM 








xen-orchestra -- xo-server 


Xen Orchestra (with xo-web through 5.80.0 and xo-server 
through 5.84.0) mishandles authorization, as demonstrated by 
modified WebSocket resourceSet.getAll data in which the
attacker changes the permission field from none to admin. The 
attacker gains access to data sets such as VMs, Backups, 
Audit, Users, and Groups. 


2021-07-12 


CVE-2021-36383 
MISC 








xml\ -- \ 








It was discovered that the XML::Atom Perl module before
version 0.39 did not disable external entities when parsing XML
from potentially untrusted sources. This may allow attackers to
gain read access to otherwise protected resources, depending
on how the library is used.


CVE-2012-1102
MISC 
MISC 





xmlsoft -- libxml2


A flaw was found in libxml2. An exponential entity expansion
attack is possible, bypassing all existing protection
mechanisms and leading to denial of service.


2021-07-09


4


CVE-2021-3541
MISC





yop-poll -- yop_poll


In the YOP Poll WordPress plugin before 6.2.8, when a poll is
created with the options "Allow other answers", "Display other
answers in the result list" and "Show results", it can lead to
Stored Cross-Site Scripting issues as the 'Other' answer is not
sanitised before being output in the page. The execution of the
XSS payload depends on the 'Show results' option selected,
which could be before or after sending the vote for example.


2021-07-12


4.3


CVE-2021-24454
MISC
CONFIRM













Low Vulnerabilities 





Primary Vendor -- Product


Description


Published


CVSS Score


Source & Patch Info





admincolumns -- admin_columns 


The Admin Columns WordPress plugin Free before 4.3.2 and
Pro before 5.5.2 allowed to configure individual columns for
tables. Each column had a type. The type "Custom Field" 
allowed to choose an arbitrary database column to display in 
the table. There was no escaping applied to the contents of 
"Custom Field" columns. 


2021-07-12 


CVE-2021-24365 
CONFIRM 
MISC 





blackcat-cms -- blackcat_cms 


A stored cross site scripting (XSS) vulnerability in the 'Add
Page' feature of BlackCat CMS 1.3.6 allows authenticated
attackers to execute arbitrary web scripts or HTML via a crafted 
payload entered into the 'Title' parameter. 


2021-07-09 


CVE-2020-25877 


MISC 
MISC 





blackcat-cms -- blackcat_cms 


A stored cross site scripting (XSS) vulnerability in the
'Admin-Tools' feature of BlackCat CMS 1.3.6 allows authenticated
attackers to execute arbitrary web scripts or HTML via crafted
payloads entered into the 'Output Filters' and 'Droplets'
modules. 


2021-07-09 


CVE-2020-25878 
MISC 
MISC 








boldgrid -- w3_total_cache 


The W3 Total Cache WordPress plugin before 2.1.3 did not 
sanitise or escape some of its CDN settings, allowing high 
privilege users to use JavaScript in them, which will be output 
in the page, leading to an authenticated Stored Cross-Site 
Scripting issue 


2021-07-12 


CVE-2021-24427 
MISC 
CONFIRM 





codologic -- codoforum 


A stored cross site scripting (XSS) vulnerability in the 'Manage
Users' feature of Codoforum v5.0.2 allows authenticated
attackers to execute arbitrary web scripts or HTML via a crafted 
payload entered into the 'Username' parameter. 


2021-07-09 


CVE-2020-25879 
MISC 
MISC 





codologic -- codoforum 


A stored cross site scripting (XSS) vulnerability in the 'Smileys'
feature of Codoforum v5.0.2 allows authenticated attackers to
execute arbitrary web scripts or HTML via crafted payload 
entered into the 'Smiley Code' parameter. 


2021-07-09 


CVE-2020-25875 
MISC 
MISC 





codologic -- codoforum 


A stored cross site scripting (XSS) vulnerability in the 'Pages' 
feature of Codoforum v5.0.2 allows authenticated attackers to 
execute arbitrary web scripts or HTML via crafted payload 
entered into the 'Page Title' parameter.


2021-07-09 


CVE-2020-25876 
MISC 
MISC 





CSZCMS -- CSZ_CMS 


A cross site scripting vulnerability in CSZ CMS 1.2.9 allows 
attackers to execute arbitrary web scripts or HTML via a crafted 
payload entered into the 'New Pages' field under the 'Pages 
Content' module.


2021-07-09 


CVE-2020-25391 
MISC 





CSZCMS -- CSZ_CMS 


A cross site scripting (XSS) vulnerability in CSZ CMS 1.2.9
allows attackers to execute arbitrary web scripts or HTML via a
crafted payload entered into the 'New Article' field under the
'Article' plugin.


2021-07-09 




CVE-2020-25392 
MISC 





dotcms -- dotcms


A reflected cross site scripting (XSS) vulnerability in
dotAdmin/#/c/containers of dotCMS 21.05.1 allows attackers to
execute arbitrary commands or HTML via a crafted payload.


2021-07-09


3.5


CVE-2021-35360
MISC





dotcms -- dotcms


A reflected cross site scripting (XSS) vulnerability in
dotAdmin/#/c/links of dotCMS 21.05.1 allows attackers to
execute arbitrary commands or HTML via a crafted payload.


2021-07-09


CVE-2021-35361
MISC





dotcms -- dotcms


A stored cross site scripting (XSS) vulnerability in
dotAdmin/#/c/c_Images of dotCMS 21.05.1 allows
authenticated attackers to execute arbitrary web scripts or
HTML via a crafted payload entered into the 'Title' and
'Filename' parameters.


2021-07-09


2.9


CVE-2021-35358
MISC





element-it -- http_commander


A Cross-site scripting (XSS) vulnerability in the "View in
Browser" feature in Elements-IT HTTP Commander 5.3.3
allows remote authenticated users to inject arbitrary web script
or HTML via a crafted SVG image.


2021-07-14


CVE-2021-33212
MISC
MISC








emarketdegisn -- 
request_a_quote 


The Request a Quote WordPress plugin before 2.3.4 did not 
sanitise and escape some of its quote fields when 
adding/editing a quote as admin, leading to Stored Cross-Site 
scripting issues when the quote is output in the 'All Quotes'
table. 


2021-07-12 


CVE-2021-24420 
CONFIRM 





esri -- arcgis_server 


A stored Cross Site Scripting (XSS) vulnerability in Esri ArcGIS
Server Services Directory version 10.8.1 and below may allow
a remote authenticated attacker to pass and store malicious 
strings in the ArcGIS Services Directory. 


2021-07-11 


CVE-2021-29105 
CONFIRM 





eyecix -- jobsearch_wp_job_board 


The WP JobSearch WordPress plugin before 1.7.4 did not
sanitise or escape multiple of its parameters from the my-
resume page before outputting them in the page, allowing low 
privilege users to use JavaScript payloads in them and leading 
to a Stored Cross-Site Scripting issue 


2021-07-12 


CVE-2021-24421 
CONFIRM 
MISC 








fetchdesigns -- sign-up_sheets


The Sign-up Sheets WordPress plugin before 1.0.14 did not 
sanitise or escape some of its fields when creating a new 
sheet, allowing high privilege users to add JavaScript in them, 
leading to a Stored Cross-Site Scripting issue. The payloads 
will be triggered when viewing the 'All Sheets' page in the 
admin dashboard 


2021-07-12 


CVE-2021-24440 
CONFIRM 








flowdroid_project -- flowdroid


FlowDroid is a data flow analysis tool. FlowDroid versions prior 
to 2.9.0 contained an XML external entity (XXE) vulnerability 
that allowed an attacker who had control over the source/sink 
definition file in XML format to read files from external locations. 
In order for this to occur, the XML-based format for sources and 
sinks had to be used and the attacker had to be able to control the
source/sink definition file. The vulnerability was patched in 
version 2.9.0. As a workaround, do not allow untrusted entities 
to control the source/sink definition file. 


2021-07-12 


CVE-2021-32754 
CONFIRM 








google -- android 


In generateFileInfo of BluetoothOppSendFileInfo.java, there is
a possible way to share private files over Bluetooth due to a
confused deputy. This could lead to local information disclosure
with no additional execution privileges needed. User interaction
is needed for exploitation. Product: Android. Versions: Android-9
Android-10 Android-11 Android-8.1. Android ID: A-179910660


2021-07-14 


CVE-2021-0604 
MISC 








halo -- halo 


Cross Site Scripting (XSS) vulnerability in Halo 0.4.3 via
CommentAuthorUrl. 


2021-07-12 


CVE-2020-18982 
MISC 








huawei -- mate_20_firmware


There is a path traversal vulnerability in some Huawei products.
The vulnerability exists because the software uses external input
to construct a pathname that is intended to identify a file or
directory that is located underneath a restricted parent
directory, but the software does not properly validate the
pathname. Successful exploit could allow the attacker to
access a location that is outside of the restricted directory by a
crafted filename. Affected product versions include: HUAWEI
Mate 20 9.0.0.195(C01E195R2P1),
9.1.0.139(C00E133R3P1); HUAWEI Mate 20 Pro
9.0.0.187(C432E10R1P16), 9.0.0.188(C185E10R2P1),
9.0.0.245(C10E10R2P1), 9.0.0.266(C432E10R1P16),
9.0.0.267(C636E10R2P1), 9.0.0.268(C635E12R1P16),
9.0.0.278(C185E10R2P1); Hima-L29C
9.0.0.105(C10E9R1P16), 9.0.0.105(C185E9R1P16),
9.0.0.105(C636E9R1P16); Laya-AL00EP
9.1.0.139(C786E133R3P1); OxfordS-AN00A
10.1.0.223(C00E210R5P1); Tony-AL00B
9.1.0.257(C00E222R2P1).


2021-07-13 


CVE-2021-22440 
MISC 





huawei -- p30_firmware











The Bluetooth function of some Huawei smartphones has a
DoS vulnerability. Attackers can install third-party apps to send
specific broadcasts, causing the Bluetooth module to crash.
Successful exploitation causes the Bluetooth function to
become abnormal. Affected product
versions include: HUAWEI P30 10.0.0.195(C432E22R2P5),
10.0.0.200(C00E85R2P11), 10.0.0.200(C461E6R3P1),
10.0.0.201(C10E7R5P1), 10.0.0.201(C185E4R7P1),
10.0.0.206(C605E19R1P3), 10.0.0.209(C636E6R3P4),
10.0.0.210(C635E3R2P4), and versions earlier than
10.1.0.165(C01E165R2P11).


CVE-2021-22399
MISC 





ibm -- cloud_pak_for_applications


IBM Cloud Pak for Applications 4.3 is vulnerable to cross-site
scripting. This vulnerability allows users to embed arbitrary
JavaScript code in the Web UI thus altering the intended
functionality potentially leading to credentials disclosure within
a trusted session. IBM X-Force ID: 195035.


2021-07-13


CVE-2021-20364
CONFIRM
XF





ibm -- cloud_pak_for_applications


IBM Cloud Pak for Applications 4.3 is vulnerable to cross-site
scripting. This vulnerability allows users to embed arbitrary
JavaScript code in the Web UI thus altering the intended
functionality potentially leading to credentials disclosure within
a trusted session. IBM X-Force ID: 195357.


2021-07-13


3.5


CVE-2021-20368
XF
CONFIRM





ibm -- cloud_pak_for_applications


IBM Cloud Pak for Applications 4.3 is vulnerable to cross-site
scripting. This vulnerability allows users to embed arbitrary
JavaScript code in the Web UI thus altering the intended
functionality potentially leading to credentials disclosure within
a trusted session. IBM X-Force ID: 195037.


2021-07-13


CVE-2021-20366
CONFIRM
XF





ibm -- cloud_pak_for_applications


IBM Cloud Pak for Applications 4.3 is vulnerable to cross-site
scripting. This vulnerability allows users to embed arbitrary
JavaScript code in the Web UI thus altering the intended
functionality potentially leading to credentials disclosure within
a trusted session. IBM X-Force ID: 195036.


2021-07-13


3.5


CVE-2021-20365
XF
CONFIRM





ibm -- cloud_pak_for_applications


IBM Cloud Pak for Applications 4.3 is vulnerable to cross-site
scripting. This vulnerability allows users to embed arbitrary
JavaScript code in the Web UI thus altering the intended
functionality potentially leading to credentials disclosure within
a trusted session. IBM X-Force ID: 195034.


2021-07-13


3.5


CVE-2021-20363
CONFIRM
XF





ibm -- cloud_pak_for_applications


IBM Cloud Pak for Applications 4.3 is vulnerable to cross-site
scripting. This vulnerability allows users to embed arbitrary
JavaScript code in the Web UI thus altering the intended
functionality potentially leading to credentials disclosure within
a trusted session. IBM X-Force ID: 195033.


2021-07-13


CVE-2021-20362
XF
CONFIRM








ibm -- cloud_pak_for_applications 


IBM Cloud Pak for Applications 4.3 is vulnerable to cross-site 
scripting. This vulnerability allows users to embed arbitrary 
JavaScript code in the Web UI thus altering the intended 
functionality potentially leading to credentials disclosure within 
a trusted session. IBM X-Force ID: 195032. 


2021-07-13 


CVE-2021-20361 
XF
CONFIRM 





ibm -- tivoli_netcool\/omnibus_gui


IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 is vulnerable to stored
cross-site scripting. This vulnerability allows users to embed
arbitrary JavaScript code in the Web UI thus altering the 
intended functionality potentially leading to credentials 
disclosure within a trusted session. IBM X-Force ID: 204262. 


2021-07-12 


CVE-2021-29804 
XF
CONFIRM 








ibm -- tivoli_netcool\/omnibus_gui


IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 is vulnerable to stored 
cross-site scripting. This vulnerability allows users to embed 
arbitrary JavaScript code in the Web UI thus altering the 
intended functionality potentially leading to credentials 
disclosure within a trusted session. IBM X-Force ID: 204263. 


2021-07-12 


CVE-2021-29805 
CONFIRM 
XF 





ibm -- tivoli_netcool\/omnibus_gui


IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 is vulnerable to stored
cross-site scripting. This vulnerability allows users to embed
arbitrary JavaScript code in the Web UI thus altering the 
intended functionality potentially leading to credentials 
disclosure within a trusted session. IBM X-Force ID: 204164. 


2021-07-12 


CVE-2021-29803 
CONFIRM 
XF








ibm -- tivoli_netcool\/omnibus_gui


IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 is vulnerable to cross- 
site scripting. This vulnerability allows users to embed arbitrary 
JavaScript code in the Web UI thus altering the intended 
functionality potentially leading to credentials disclosure within 
a trusted session. IBM X-Force ID: 204349. 


2021-07-12 


CVE-2021-29822 
CONFIRM 
XF





icinga -- icinga 


Icinga Web 2 is an open source monitoring web interface, 
framework and command-line interface. Between versions 
2.3.0 and 2.8.2, the ‘doc’ module of Icinga Web 2 allows to 
view documentation directly in the UI. It must be enabled 
manually by an administrator and users need explicit access 
permission to use it. Then, by visiting a certain route, it is 
possible to gain access to arbitrary files readable by the web- 
server user. The issue has been fixed in the 2.9.0, 2.8.3, and 
2.7.5 releases. As a workaround, an administrator may disable 
the ‘doc’ module or revoke permission to use it from all users. 


2021-07-12 


CVE-2021-32746 
MISC 

CONFIRM 

MISC 

MISC 








kaseya -- vsa 


Cross Site Scripting (XSS) exists in Kaseya VSA before 9.5.7. 


2021-07-09 


CVE-2021-30119 
MISC 








microsoft -- windows_10 











Media Foundation Information Disclosure Vulnerability 








2021-07-14 








CVE-2021-33760 





MISC 





microsoft -- windows_10


Windows Remote Access Connection Manager Information
Disclosure Vulnerability This CVE ID is unique from
CVE-2021-34454, CVE-2021-34457.


2021-07-14


2.1


CVE-2021-33763
MISC





microsoft -- windows_10


Windows Installer Spoofing Vulnerability


2021-07-14





microsoft -- windows_10


Windows InstallService Elevation of Privilege Vulnerability


2021-07-14


3.6





mozilo -- mozilocms


A stored cross site scripting (XSS) vulnerability in moziloCMS
2.0 allows authenticated attackers to execute arbitrary web
scripts or HTML via a crafted payload entered into the
"Content" parameter.


3.8


CVE-2020-25394
MISC





nextcloud -- nextcloud_server


Nextcloud Server is a Nextcloud package that handles data
storage. In versions prior to 19.0.13, 20.0.11, and 21.0.3,
Nextcloud Server audit logging functionality wasn't properly
logging events for the unsetting of a share expiration date. This
event is supposed to be logged. This issue is patched in
versions 19.0.13, 20.0.11, and 21.0.3.


2.1


CVE-2021-32680
CONFIRM
MISC
MISC





pfsense -- pfsense


A Stored Cross-Site Scripting (XSS) vulnerability was found in
status_filter_reload.php, a page in the pfSense software
WebGUI, on Netgate pfSense version 2.4.4-p2 and earlier. The
page did not encode output from the filter reload process, and
a stored XSS was possible via the descr (description)
parameter on NAT rules.


3.5


CVE-2020-19201
MISC
MISC
MISC





plugin-planet -- prismatic


The Prismatic WordPress plugin before 2.8 does not sanitise or
validate some of its shortcode parameters, allowing users with
a role as low as Contributor to set Cross-Site payload in them.
A post made by a contributor would still have to be approved
by an admin to have the XSS triggerable in the frontend,
however, higher privilege users, such as editor could exploit
this without the need of approval, and even when the blog
disallows the unfiltered_html capability.


2021-07-12


CVE-2021-24408
CONFIRM





prothemedesign -- 
browser_screenshots 


The Browser Screenshots WordPress plugin before 1.7.6 
allowed authenticated users with a role as low as Contributor to 
perform Stored Cross-Site Scripting attacks as the image_class 
parameter of the browser-shot shortcode was not escaped. 


2021-07-12 


CVE-2021-24439 
CONFIRM 





publiccms -- publiccms 


Cross Site Scripting (XSS) vulnerability in PublicCMS 4.0 to get 
an admin cookie when the Administrator reviews submit case. 


2021-07-09 


CVE-2020-21333 


MISC 





qualcomm -- apq8009_firmware 


Possible buffer over-read due to lack of length check while 
flashing meta images in Snapdragon Consumer IOT, 
Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon
Voice & Music, Snapdragon Wearables


2021-07-13 


CVE-2021-1901 
CONFIRM 





qualcomm -- apq8009_firmware 


Possible Buffer Over-read due to lack of validation of boundary
checks when loading splash image in Snapdragon Consumer
IOT, Snapdragon Industrial IOT, Snapdragon Mobile, 
Snapdragon Voice & Music, Snapdragon Wearables 


2021-07-13 


CVE-2021-1897 
CONFIRM 





qualcomm


Possible buffer over-read due to incorrect overflow check when
loading splash image in Snapdragon Consumer IOT,
Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon
Voice & Music, Snapdragon Wearables


2.1


CVE-2021-1898
CONFIRM





qualcomm


Possible buffer over read due to lack of length check while
flashing meta images in Snapdragon Consumer IOT,
Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon
Wearables


2.1


CVE-2021-1899
CONFIRM





qualcomm -- aqt1000_firmware


Weak configuration in WLAN could cause forwarding of
unencrypted packets from one client to another in Snapdragon
Compute, Snapdragon Connectivity


2021-07-13


CVE-2021-1896
CONFIRM





rukovoditel -- rukovoditel


A stored cross site scripting (XSS) vulnerability in the 'Users
Access Groups' feature of Rukovoditel 2.7.2 allows
authenticated attackers to execute arbitrary web scripts or
HTML via a crafted payload entered into the 'Name' parameter.


3.5


CVE-2020-35986
MISC





rukovoditel -- rukovoditel


A stored cross site scripting (XSS) vulnerability in the 'Entities
List' feature of Rukovoditel 2.7.2 allows authenticated attackers
to execute arbitrary web scripts or HTML via a crafted payload
entered into the 'Name' parameter.


3.5


CVE-2020-35987
MISC





rukovoditel -- rukovoditel


A stored cross site scripting (XSS) vulnerability in the 'Users
Alerts' feature of Rukovoditel 2.7.2 allows authenticated
attackers to execute arbitrary web scripts or HTML via a crafted
payload entered into the 'Title' parameter.


2021-07-09


3.5


CVE-2020-35984
MISC





rukovoditel -- rukovoditel


A stored cross site scripting (XSS) vulnerability in the 'Global
Lists' feature of Rukovoditel 2.7.2 allows authenticated
attackers to execute arbitrary web scripts or HTML via a crafted
payload entered into the 'Name' parameter.


3.5


CVE-2020-35985
MISC





sap -- lumira_server


SAP Lumira Server version 2.4 does not sufficiently encode
user controlled inputs, resulting in Cross-Site Scripting (XSS)
vulnerability. This would allow an attacker with basic level
privileges to store a malicious script on SAP Lumira Server.
The execution of the script content, by a victim registered on
SAP Lumira Server, could compromise the confidentiality and
integrity of SAP Lumira content.


2021-07-14


CVE-2021-33682
MISC
MISC





The Smooth Scroll Page Up/Down Buttons WordPress plugin 
smooth_scroll_page_up\V/down_butttbinsughojestdoes not properly sanitise and validate its 





smooth_scroll_page_up\Vdown_bu 





psb_ positioning settings, allowing high privilege users such as 


tiaimin to set an XSS payload in it, which will be executed in all 


pages of the blog 


2021-07-12 


le le 
in in 


CVE-2021-24418 
CONFIRM 
MISC 








stormshield -- endpoint_security
SES Evolution before 2.1.0 allows duplicating an existing security policy by leveraging access of a user having read-only access to security policies.
Published: 2021-07-13
Source & Patch Info: CVE-2021-31224 MISC MISC

stormshield -- endpoint_security
SES Evolution before 2.1.0 allows modifying security policies by leveraging access of a user having read-only access to security policies.
Published: 2021-07-13
Source & Patch Info: CVE-2021-31220 MISC MISC

stormshield -- endpoint_security
SES Evolution before 2.1.0 allows reading some parts of a security policy by leveraging access to a computer having the administration console installed.
Published: 2021-07-13
Source & Patch Info: CVE-2021-31223 MISC MISC

stormshield -- endpoint_security
SES Evolution before 2.1.0 allows updating some parts of a security policy by leveraging access to a computer having the administration console installed.
Published: 2021-07-13
CVSS Score: 2.9
Source & Patch Info: CVE-2021-31222 MISC MISC

stormshield -- endpoint_security
SES Evolution before 2.1.0 allows deleting some parts of a security policy by leveraging access to a computer having the administration console installed.
Published: 2021-07-13
CVSS Score: 2.9
Source & Patch Info: CVE-2021-31221 MISC MISC

we bedenada =: baakupawa
The Backup by 10Web – Backup and Restore Plugin WordPress plugin through 1.0.20 does not sanitise or escape the tab parameter before outputting it back in the page, leading to a reflected Cross-Site Scripting issue
Published: 2021-07-12
CVSS Score: 3.5
Source & Patch Info: CONFIRM

webfactoryltd -- wp_reset
The WP Reset – Most Advanced WordPress Reset Tool WordPress plugin before 1.90 did not sanitise or escape its extra_data parameter when creating a snapshot via the admin dashboard, leading to an authenticated Stored Cross-Site Scripting issue
Published: 2021-07-12
CVSS Score: 3
Source & Patch Info: CVE-2021-24424 CONFIRM MISC

wp_youtube_lyte_project -- wp_youtube_lyte
The WP YouTube Lyte WordPress plugin before 1.7.16 did not sanitise or escape its lyte_yt_api_key and lyte_notification settings before outputting them back in the page, allowing high privilege users to set XSS payload on them and leading to stored Cross-Site Scripting issues.
Published: 2021-07-12
Source & Patch Info: CVE-2021-24419 CONFIRM MISC

Severity Not Yet Assigned

Primary Vendor -- Product / Description / Published / CVSS Score / Source & Patch Info

1password_connect -- 1password_connect
1Password Connect server before 1.2 is missing validation checks, permitting users to create Secrets Automation access tokens that can be used to perform privilege escalation. Malicious users authorized to create Secrets Automation access tokens can create tokens that have access beyond what the user is authorized to access, but limited to the existing authorizations of the Secret Automation the token is created in.
Published: 2021-07-16
CVSS Score: not yet calculated

MdeModulePkg -- MdeModulePkg
Insufficient input validation in MdeModulePkg in EDKII may allow an unauthenticated user to potentially enable escalation of privilege, denial of service and/or information disclosure via physical access.
Published: 2021-07-14
CVSS Score: not yet calculated
Source & Patch Info: CVE-2019-11098 MISC

acronis -- true_image
Acronis True Image through 2021 on macOS allows local privilege escalation from admin to root due to insecure folder permissions.
Published: 2021-07-15
CVSS Score: not yet calculated
Source & Patch Info: CVE-2020-25593 MISC MISC

acronis -- true_image
Acronis True Image 2019 update 1 through 2021 update 1 on macOS allows local privilege escalation due to an insecure XPC service configuration.
Published: 2021-07-15
CVSS Score: not yet calculated
Source & Patch Info: CVE-2020-25736 MISC MISC

acronis -- true_image_2019
Acronis True Image for Mac before 2021 Update 4 allowed local privilege escalation due to insecure folder permissions.
Published: 2021-07-15
CVSS Score: not yet calculated
Source & Patch Info: MISC

acronis -- true_image
Acronis True Image 2019 update 1 through 2020 on macOS allows local privilege escalation due to an insecure XPC service configuration.
Published: 2021-07-15
CVSS Score: not yet calculated
Source & Patch Info: CVE-2020-15495 MISC MISC

advantech -- r-seenet
A local file inclusion (LFI) vulnerability exists in the options.php script functionality of Advantech R-SeeNet v 2.4.12 (20.10.2020). A specially crafted HTTP request can lead to arbitrary PHP code execution. An attacker can send a crafted HTTP request to trigger this vulnerability.
Published: 2021-07-16
CVSS Score: not yet calculated

advantech -- r-seenet
This vulnerability is present in device_graph_page.php script, which is a part of the Advantech R-SeeNet web applications. A specially crafted URL by an attacker and visited by a victim can lead to arbitrary JavaScript code execution.
Published: 2021-07-16
CVSS Score: not yet calculated
Source & Patch Info: CVE-2021-21801 MISC

advantech -- r-seenet
This vulnerability is present in device_graph_page.php script, which is a part of the Advantech R-SeeNet web applications. A specially crafted URL by an attacker and visited by a victim can lead to arbitrary JavaScript code execution.
Published: 2021-07-16
CVSS Score: not yet calculated
Source & Patch Info: CVE-2021-21802 MISC

advantech -- r-seenet
This vulnerability is present in device_graph_page.php script, which is a part of the Advantech R-SeeNet web applications. A specially crafted URL by an attacker and visited by a victim can lead to arbitrary JavaScript code execution.
Published: 2021-07-16
CVSS Score: not yet calculated
Source & Patch Info: CVE-2021-21803 MISC

advantech -- r-seenet
Cross-site scripting vulnerabilities exist in the ssh_form.php script functionality of Advantech R-SeeNet v 2.4.12 (20.10.2020). If a user visits a specially crafted URL, it can lead to arbitrary JavaScript code execution in the context of the targeted user's browser. An attacker can provide a crafted URL to trigger this vulnerability.
Published: 2021-07-16
CVSS Score: not yet calculated
Source & Patch Info: CVE-2021-21800 MISC

advantech -- r-seenet
Cross-site scripting vulnerabilities exist in the telnet_form.php script functionality of Advantech R-SeeNet v 2.4.12 (20.10.2020). If a user visits a specially crafted URL, it can lead to arbitrary JavaScript code execution in the context of the targeted user's browser. An attacker can provide a crafted URL to trigger this vulnerability.
Published: 2021-07-16
CVSS Score: not yet calculated
Source & Patch Info: CVE-2021-21799 MISC

apache -- commons_compress
When reading a specially crafted ZIP archive, Compress can be made to allocate large amounts of memory that finally leads to an out of memory error even for very small inputs. This could be used to mount a denial of service attack against services that use Compress' zip package.
Published: 2021-07-13
CVSS Score: not yet calculated
Source & Patch Info: CVE-2021-36090 MISC MISC MLIST MLIST MLIST MLIST MLIST MLIST

apache -- commons_compress
When reading a specially crafted 7Z archive, the construction of the list of codecs that decompress an entry can result in an infinite loop. This could be used to mount a denial of service attack against services that use Compress' sevenz package.
Published: 2021-07-13
CVSS Score: not yet calculated
Source & Patch Info: MISC MLIST MLIST

apache -- commons_compress
When reading a specially crafted TAR archive, Compress can be made to allocate large amounts of memory that finally leads to an out of memory error even for very small inputs. This could be used to mount a denial of service attack against services that use Compress' tar package.
Published: 2021-07-13
CVSS Score: not yet calculated
Source & Patch Info: CVE-2021-35517 MLIST MLIST MLIST MLIST MLIST

apache -- commons_compress
When reading a specially crafted 7Z archive, Compress can be made to allocate large amounts of memory that finally leads to an out of memory error even for very small inputs. This could be used to mount a denial of service attack against services that use Compress' sevenz package.
Published: 2021-07-13
CVSS Score: not yet calculated
Source & Patch Info: CVE-2021-35516 MISC MISC MLIST MLIST

apache -- mina-sshd
A vulnerability in sshd-core of Apache Mina SSHD allows an attacker to overflow the server causing an OutOfMemory error. This issue affects the SFTP and port forwarding features of Apache Mina SSHD version 2.0.0 and later versions. It was addressed in Apache Mina SSHD 2.7.0
Published: 2021-07-12
CVSS Score: not yet calculated
Source & Patch Info: CVE-2021-30129 CONFIRM MLIST MLIST MLIST

apache -- tomcat
A vulnerability in the JNDI Realm of Apache Tomcat allows an attacker to authenticate using variations of a valid user name and/or to bypass some of the protection provided by the LockOut Realm. This issue affects Apache Tomcat 10.0.0-M1 to 10.0.5; 9.0.0.M1 to 9.0.45; 8.5.0 to 8.5.65.
Published: 2021-07-12
CVSS Score: not yet calculated

booking_core -- ultimate_booking_system_booking
Cross Site Scripting (XSS) vulnerability in Booking Core - Ultimate Booking System Booking Core 1.7.0 via the (1) "About Yourself" section under the "My Profile" page, " (2) "Hotel sas» field under the "Hotel Details" page, (3) "Pricing code" and "name" fields under the "Manage Tour" page, and (4) all the labels under the "Menu" section.
CVSS Score: not yet calculated
Source & Patch Info: CVE-2020-25444 MISC

A vulnerability exists in Broadcom BCM4352 and BCM43684 
chips. Any wireless router using BCM4352 and BCM43684 will 
ee ane BEMaSBBA be affected, such as ASUS AX6100. An attacker may cause a | 5954 97.44 || notyet ae 
sie Denial of Service (DoS) to any device connected to BCM4352 calculated MISC 
or BCM43684 routers via an association or reassociation hema 
frame. 

cartadis -- gespage
Cartadis Gespage through 8.2.1 allows Directory Traversal in gespage/doDownloadData and gespage/webapp/doDownloadData.
Published: 2021-07-12
CVSS Score: not yet calculated
Source & Patch Info: CONFIRM MISC

centreon -- platform
An issue was discovered in Centreon-Web in Centreon Platform 20.10.0. A SQL injection vulnerability in "Configuration > Users > Contacts / Users" allows remote authenticated users to execute arbitrary SQL commands via the Additional Information parameters.
Published: 2021-07-16
CVSS Score: not yet calculated
Source & Patch Info: MISC MISC

centreon -- platform
An issue was discovered in Centreon-Web in Centreon Platform 20.10.0. A Stored Cross-Site Scripting (XSS) issue in "Configuration > Hosts" allows remote authenticated users to inject arbitrary web script or HTML via the Alias parameter.
Published: 2021-07-16
CVSS Score: not yet calculated
Source & Patch Info: CVE-2021-28054 MISC MISC MISC

chatwoot -- chatwoot
chatwoot is vulnerable to Inefficient Regular Expression Complexity
Published: 2021-07-16
CVSS Score: not yet calculated
Source & Patch Info: CVE-2021-3649 MISC CONFIRM

cisco -- adaptive_security_appliance
A vulnerability in the software cryptography module of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker or an unauthenticated attacker in a man-in-the-middle position to cause an unexpected reload of the device that results in a denial of service (DoS) condition. The vulnerability is due to a logic error in how the software cryptography module handles specific types of decryption errors. An attacker could exploit this vulnerability by sending malicious packets over an established IPsec connection. A successful exploit could cause the device to crash, forcing it to reload. Important: Successful exploitation of this vulnerability would not cause a compromise of any encrypted data. Note: This vulnerability affects only Cisco ASA Software Release 9.16.1 and Cisco FTD Software Release 7.0.0.
Published: 2021-07-16
CVSS Score: not yet calculated
Source & Patch Info: CVE-2021-1422 CISCO

d-link -- dap-1330_routers
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1330 1.13B01 BETA routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the Cookie HTTP header. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the device. Was ZDI-CAN-12028.
Published: 2021-07-15
CVSS Score: not yet calculated
Source & Patch Info: CVE-2021-34830 MISC

d-link -- dap-1330_routers
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1330 1.13B01 BETA routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the SOAPAction HTTP header. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the device. Was ZDI-CAN-12029.
Published: 2021-07-15
CVSS Score: not yet calculated
Source & Patch Info: CVE-2021-34827 MISC

d-link -- dap-1330_routers
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1330 1.13B01 BETA routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the SOAPAction HTTP header. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length buffer. An attacker can leverage this vulnerability to execute code in the context of the device. Was ZDI-CAN-12066.
Published: 2021-07-15
CVSS Score: not yet calculated
Source & Patch Info: CVE-2021-34828 MISC

d-link -- dap-1330_routers
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1330 1.13B01 BETA routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the HNAP_AUTH HTTP header. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length buffer. An attacker can leverage this vulnerability to execute code in the context of the device. Was ZDI-CAN-12065.
Published: 2021-07-15
CVSS Score: not yet calculated
Source & Patch Info: CVE-2021-34829 MISC

d-link -- dir-3040
A hard-coded password vulnerability exists in the Zebra IP Routing Manager functionality of D-LINK DIR-3040 1.13B03. A specially crafted network request can lead to a denial of service. An attacker can send a sequence of requests to trigger this vulnerability.
Published: 2021-07-16
CVSS Score: not yet calculated
Source & Patch Info: CVE-2021-21818 MISC

d-link -- dir-3040
An information disclosure vulnerability exists in the Syslog functionality of D-LINK DIR-3040 1.13B03. A specially crafted network request can lead to the disclosure of sensitive information. An attacker can send an HTTP request to trigger this vulnerability.
Published: 2021-07-16
CVSS Score: not yet calculated
Source & Patch Info: CVE-2021-21816 MISC

d-link -- dir-3040
An information disclosure vulnerability exists in the Zebra IP Routing Manager functionality of D-LINK DIR-3040 1.13B03. A specially crafted network request can lead to the disclosure of sensitive information. An attacker can send a sequence of requests to trigger this vulnerability.
Published: 2021-07-16
CVSS Score: not yet calculated
Source & Patch Info: CVE-2021-21817 MISC

d-link -- dir-3040
A code execution vulnerability exists in the Libcli Test Environment functionality of D-LINK DIR-3040 1.13B03. A specially crafted network request can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger this vulnerability.
Published: 2021-07-16
CVSS Score: not yet calculated
Source & Patch Info: CVE-2021-21819 MISC

d-link -- dir-3040
A hard-coded password vulnerability exists in the Libcli Test Environment functionality of D-LINK DIR-3040 1.13B03. A specially crafted network request can lead to code execution. An attacker can send a sequence of requests to trigger this vulnerability.
Published: 2021-07-16
CVSS Score: not yet calculated
Source & Patch Info: CVE-2021-21820 MISC

dell -- emc_avamar_server
Dell EMC Avamar Server versions 7.4.1, 7.5.0, 7.5.1, 18.2 and 19.1 and Dell EMC Integrated Data Protection Appliance (IDPA) versions 2.0, 2.1, 2.2, 2.3 and 2.4. contain an XML External Entity(XXE) Injection vulnerability. A remote unauthenticated malicious user could potentially exploit this vulnerability to cause Denial of Service or information exposure by supplying specially crafted document type definitions (DTDs) in an XML request.
CVSS Score: not yet calculated
Source & Patch Info: CVE-2019-3752 MISC

dell -- wyse_management_suite
Wyse Management Suite versions 3.2 and earlier contain an absolute path traversal vulnerability. A remote authenticated malicious user could exploit this vulnerability in order to read arbitrary files on the system.
CVSS Score: not yet calculated
Source & Patch Info: CVE-2021-21586 MISC

dell -- wyse_management_suite
Dell Wyse Management Suite versions 3.2 and earlier contain a full path disclosure vulnerability. A local unauthenticated attacker could exploit this vulnerability in order to obtain the path of files and folders.
Published: 2021-07-15
CVSS Score: not yet calculated
Source & Patch Info: CVE-2021-21587 MISC

depstech -- wifi_digital_microscope_3
DEPSTECH WiFi Digital Microscope 3 allows remote attackers to change the SSID and password, and demand a ransom payment from the rightful device owner, because there is no way to reset to Factory Default settings.
Published: 2021-07-15
CVSS Score: not yet calculated
Source & Patch Info: MISC MISC

depstech -- wifi_digital_microscope_3
Certain Shenzhen PENGLIXIN components on DEPSTECH WiFi Digital Microscope 3, as used by Shekar Endoscope, allow a TELNET connection with the molinkadmin password for the molink account.
Published: 2021-07-15
CVSS Score: not yet calculated
Source & Patch Info: MISC

depstech -- wifi_digital_microscope_3
DEPSTECH WiFi Digital Microscope 3 has a default SSID of Jetion_xxxxxxxx with a password of 12345678.
CVSS Score: not yet calculated

discourse -- discourse
Discourse is an open-source discussion platform. In Discourse versions 2.7.5 and prior, parsing and rendering of YouTube Oneboxes can be susceptible to XSS attacks. This vulnerability only affects sites which have modified or disabled Discourse's default Content Security Policy. The issue is patched in 'stable' version 2.7.6, 'beta' version 2.8.0.beta3, and 'tests-passed' version 2.8.0.beta3. As a workaround, ensure that the Content Security Policy is enabled, and has not been modified in a way which would make it more vulnerable to XSS attacks.
Published: 2021-07-15
CVSS Score: not yet calculated
Source & Patch Info: CONFIRM

Dr. ID Door Access Control and Personnel Attendance
dr.id -- Management system uses the hard-code admin default not yet CVE-2021-35961
door_access_control_and_personnetedtetidhnttatrakmageerentessttiakers to access the system 2021-07-16 calculated MISC
through the default password and obtain the highest MISC
permission.
Specific page parameters in Dr. ID Door Access Control and
dr.id -- Personnel Attendance Management system does not filter not yet CVE-2021-35962
door_access_control_and_personnepediancwarestenanagaromnattyciens can apply Path Traversal 2021-07-16 calculated MISC
means to download credential files from the system without MISC
permission.

eclipse -- jetty
For Eclipse Jetty versions 9.4.37-9.4.42, 10.0.1-10.0.5 & 11.0.1-11.0.5, URIs can be crafted using some encoded characters to access the content of the WEB-INF directory and/or bypass some security constraints. This is a variation of the vulnerability reported in CVE-2021-28164/GHSA-v7ff-8wcx-gmcd.
Published: 2021-07-15
CVSS Score: not yet calculated
Source & Patch Info: CVE-2021-34429 CONFIRM

ecostructure -- control_expert
Insufficiently Protected Credentials vulnerability exists in EcoStruxure Control Expert (all versions prior to V15.0 SP1, including all versions of Unity Pro), EcoStruxure Process Expert (all versions, including all versions of EcoStruxure Hybrid DCS), and SCADAPack RemoteConnect for x70, all versions, that could cause unauthorized access to a project file protected by a password when this file is shared with untrusted sources. An attacker may bypass the password protection and be able to view and modify a project file.
Published: 2021-07-14
CVSS Score: not yet calculated
Source & Patch Info: CVE-2021-22780 MISC

ecostructure -- control_expert
Insufficiently Protected Credentials vulnerability exists in EcoStruxure Control Expert (all versions prior to V15.0 SP1, including all versions of Unity Pro), EcoStruxure Process Expert (all versions, including all versions of EcoStruxure Hybrid DCS), and SCADAPack RemoteConnect for x70, all versions, that could cause a leak of SMTP credential used for mailbox authentication when an attacker can access a project file.
Published: 2021-07-14
CVSS Score: not yet calculated
Source & Patch Info: CVE-2021-22781 MISC

ecostructure -- control_expert
Authentication Bypass by Spoofing vulnerability exists in EcoStruxure Control Expert (all versions prior to V15.0 SP1, including all versions of Unity Pro), EcoStruxure Control Expert V15.0 SP1, EcoStruxure Process Expert (all versions, including all versions of EcoStruxure Hybrid DCS), SCADAPack RemoteConnect for x70 (all versions), Modicon M580 CPU (all versions - part numbers BMEP* and BMEH*), Modicon M340 CPU (all versions - part numbers BMXP34*), that could cause unauthorized access in read and write mode to the controller by spoofing the Modbus communication between the engineering software and the controller.
Published: 2021-07-14
CVSS Score: not yet calculated
Source & Patch Info: CVE-2021-22779 MISC

ecostructure -- control_expert
Insufficiently Protected Credentials vulnerability exists in EcoStruxure Control Expert (all versions prior to V15.0 SP1, including all versions of Unity Pro), EcoStruxure Process Expert (all versions, including all versions of EcoStruxure Hybrid DCS), and SCADAPack RemoteConnect for x70, all versions, that could cause protected derived function blocks to be read or modified by unauthorized users when accessing a project file.
Published: 2021-07-14
CVSS Score: not yet calculated
Source & Patch Info: CVE-2021-22778 MISC

ecostructure -- control_expert
Missing Encryption of Sensitive Data vulnerability exists in EcoStruxure Control Expert (all versions prior to V15.0 SP1, including all versions of Unity Pro), EcoStruxure Process Expert (all versions, including all versions of EcoStruxure Hybrid DCS), and SCADAPack RemoteConnect for x70, all versions, that could cause an information leak allowing disclosure of network and process information, credentials or intellectual property when an attacker can access a project file.
Published: 2021-07-14
CVSS Score: not yet calculated
Source & Patch Info: CVE-2021-22782 MISC

ectouch -- ectouch
SQL Injection Vulnerability in ECTouch v2 via the integral_min parameter in index.php.
CVSS Score: not yet calculated
Source & Patch Info: CVE-2020-18144 MISC

elfinder.net.core -- elfinder.net.core
This affects the package elFinder.Net.Core from 0 and before 1.2.4. The user-controlled file name is not properly sanitized before it is used to create a file system path.
Published: 2021-07-14
CVSS Score: not yet calculated
Source & Patch Info: MISC MISC MISC

espressif -- esp32
An attacker can cause a Denial of Service and kernel panic in v4.2 and earlier versions of Espressif esp32 via a malformed beacon csa frame. The device requires a reboot to recover.
Published: 2021-07-14
CVSS Score: not yet calculated
Source & Patch Info: CVE-2021-34173 MISC MISC

fail2ban -- fail2ban
fail2ban is a daemon to ban hosts that cause multiple authentication errors. In versions 0.9.7 and prior, 0.10.0 through 0.10.6, and 0.11.0 through 0.11.2, there is a vulnerability that leads to possible remote code execution in the mailing action mail-whois. Command 'mail' from mailutils package used in mail actions like 'mail-whois' can execute command if unescaped sequences ('\n~') are available in "foreign" input (for instance in whois output). To exploit the vulnerability, an attacker would need to insert malicious characters into the response sent by the whois server, either via a MITM attack or by taking over a whois server. The issue is patched in versions 0.10.7 and 0.11.3. As a workaround, one may avoid the usage of action 'mail-whois' or patch the vulnerability manually.
Published: 2021-07-16
CVSS Score: not yet calculated
Source & Patch Info: CVE-2021-32749 MISC MISC CONFIRM

falco -- falco
Falco through 0.28.1 has a Time-of-check Time-of-use (TOCTOU) Race Condition. Issue is fixed in Falco versions >= 0.29.1.
Published: 2021-07-15
CVSS Score: not yet calculated
Source & Patch Info: CVE-2021-33505 MISC

fossil -- fossil
Fossil before 2.14.2 and 2.15.x before 2.15.2 often skips the hostname check during TLS certificate validation.
Published: 2021-07-12
CVSS Score: not yet calculated
Source & Patch Info: CVE-2021-36377 MISC

froala -- wysiwyg
Froala WYSIWYG Editor 3.2.6-1 is affected by XSS due to a namespace confusion during parsing.
Published: 2021-07-16
CVSS Score: not yet calculated
Source & Patch Info: CVE-2021-28114 MISC MISC MISC

Ise sCollectar
An improper authentication vulnerability in FSSO Collector version 5.0.295 and below may allow an unauthenticated user to bypass a FSSO firewall policy and access the protected network via sending specifically crafted UDP login notification packets.
Published: 2021-07-12
CVSS Score: not yet calculated

gatsby -- gatsby
Gatsby is a framework for building websites. The gatsby-source-wordpress plugin prior to versions 4.0.8 and 5.9.2 leaks .htaccess HTTP Basic Authentication variables into the app.js bundle during build-time. Users who are not initializing basic authentication credentials in the gatsby-config.js are not affected. A patch has been introduced in gatsby-source-wordpress@4.0.8 and gatsby-source-wordpress@5.9.2 which mitigates the issue by filtering all variables specified in the 'auth: { }' section. Users that depend on this functionality are advised to upgrade to the latest release of gatsby-source-wordpress, run 'gatsby clean' followed by a 'gatsby build'. One may manually edit the app.js file post-build as a workaround.
Published: 2021-07-15
CVSS Score: not yet calculated
Source & Patch Info: CVE-2021-32770 CONFIRM

github -- enterprise_server
A path traversal vulnerability was identified in GitHub Enterprise Server that could be exploited when building a GitHub Pages site. User-controlled configuration options used by GitHub Pages were not sufficiently restricted and made it possible to read files on the GitHub Enterprise Server instance. To exploit this vulnerability, an attacker would need permission to create and build a GitHub Pages site on the GitHub Enterprise Server instance. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.1.3 and was fixed in 3.1.3, 3.0.11, and 2.22.17. This vulnerability was reported via the GitHub Bug Bounty program.
Published: 2021-07-14
CVSS Score: not yet calculated
Source & Patch Info: CVE-2021-22867 MISC MISC MISC

The crypto/tls package of Go through 1.16.5 does not properly assert that the type of public key in an X.509 certificate matches the expected type when doing a RSA based key exchange, allowing a malicious TLS server to cause a TLS client to panic.
Published: 2021-07-15
CVSS Score: not yet calculated
Source & Patch Info: CVE-2021-34558 MISC

google -- android
In isRealSnapshot of TaskThumbnailView.java, there is possible data exposure due to a missing permission check. This could lead to local information disclosure from locked profiles with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android kernel Android ID: A-168802517 References: N/A
Published: 2021-07-14
CVSS Score: not yet calculated
Source & Patch Info: CVE-2021-0654 MISC

ID: 201777.

hashicorp -- consul
HashiCorp Consul before 1.10.1 (and Consul Enterprise) has Missing SSL Certificate Validation. xds does not ensure that the Subject Alternative Name of an upstream is validated.
Published: 2021-07-17
CVSS Score: not yet calculated
Source & Patch Info: CVE-2021-32574 MISC CONFIRM

hashicorp -- consul
In HashiCorp Consul before 1.10.1 (and Consul Enterprise), xds can generate a situation where a single L7 deny intention (with a default deny policy) results in an allow action.
Published: 2021-07-17
CVSS Score: not yet calculated
Source & Patch Info: CVE-2021-36213 MISC CONFIRM

hitachi -- abb_power_grids_esoms
Password autocomplete vulnerability in the web application password field of Hitachi ABB Power Grids eSOMS allows attacker to gain access to user credentials that are stored by the browser. This issue affects: Hitachi ABB Power Grids eSOMS version 6.3 and prior versions.
Published: 2021-07-14
CVSS Score: not yet calculated

ibm -- infosphere_data_replication
IBM InfoSphere Data Replication 11.4 and IBM InfoSphere Change Data Capture for z/OS 10.2.1, under certain configurations, could allow a user to bypass authentication mechanisms using an empty password string. IBM X-Force ID: 189834
Published: 2021-07-16
CVSS Score: not yet calculated
Source & Patch Info: CONFIRM XF

IBM InfoSphere Master Data Management Server 11.6 is 
ibm -- vulnerable to cross-site request forgery which could allow an niot-vet CVE-2020-4675 
infosphere_master_data_managernattaickervierexecute malicious and unauthorized actions 2021-07-16 puted CONFIRM 
transmitted from a user that the website trusts. IBM X-Force ID: XF 
Me ee 

ibm -- qradar_siem
IBM QRadar SIEM 7.3 and 7.4 uses less secure methods for protecting data in transit between hosts when encrypt host connections is not enabled as well as data at rest. IBM X-Force
Published: 2021-07-16
CVSS Score: not yet calculated
Source & Patch Info: CVE-2020-4980 CONFIRM XF

ibm -- secure_external_authentication_server
IBM Secure External Authentication Server 2.4.3.2, 6.0.1, 6.0.2 and IBM Secure Proxy 3.4.3.2, 6.0.1, 6.0.2 could allow a remote user to consume resources causing a denial of service due to a resource leak.
Published: 2021-07-15
CVSS Score: not yet calculated
Source & Patch Info: CVE-2021-29725 CONFIRM XF CONFIRM

IBM Secure External Authentication Server 6.0.2 and IBM 
ae Secure Proxy 6.0.2 is vulnerable to server-side request forgery CVE-2021-29749 
ooo RF). This may allow an authenticated attacker to send 07. not yet ||XEF 
secure_external_authentication seer th” neg requests from the system, potentially leading to al calculated ||CONFIRM 
network enumeration or facilitating other attacks. IBM X-Force CONFIRM 





ibm -- security_access_amanger 


[Access Docker 10.0.0 stores user credentials in plain clear text 
which can be read by an unauthorized user. 


IBM Security Access Manager 9.0 and IBM Security Verify 


2021-07-15 


not yet 
calculated 


CVE-2021-20439 


XE 
CONFIRM 








ibm -- security_verify_access_docker

IBM Security Verify Access Docker 10.0.0 could allow a remote
attacker to obtain sensitive information when a detailed
technical error message is returned in the browser. This
information could be used in further attacks against the system.
IBM X-Force ID: 198660

2021-07-15

not yet
calculated

CVE-2021-20523
XF
CONFIRM


ibm -- security_verify_access_docker

IBM Security Verify Access Docker 10.0.0 could allow a remote
attacker to conduct phishing attacks, using an open redirect
attack. By persuading a victim to visit a specially crafted Web
site, a remote attacker could exploit this vulnerability to spoof
the URL displayed to redirect a user to a malicious Web site
that would appear to be trusted. This could allow the attacker to
obtain highly sensitive information or conduct further attacks
against the victim. IBM X-Force ID: 198814

2021-07-15

not yet
calculated

CONFIRM


ibm -- security_verify_access_docker

IBM Security Verify Access Docker 10.0.0 could allow a remote
attacker to traverse directories on the system. An attacker
could send a specially-crafted URL request containing "dot dot"
sequences (/../) to view arbitrary files on the system. IBM
X-Force ID: 198300.

2021-07-15

not yet
calculated

CVE-2021-20511
XF
CONFIRM


ibm -- security_verify_access_docker

IBM Security Verify Access Docker 10.0.0 is vulnerable to
cross-site scripting. This vulnerability allows users to embed
arbitrary JavaScript code in the Web UI thus altering the
intended functionality potentially leading to credentials
disclosure within a trusted session. IBM X-Force ID: 198661.

2021-07-15

not yet
calculated

CVE-2021-20524
XF
CONFIRM

















ibm -- security_verify_access_docker

IBM Security Verify Access Docker 10.0.0 could reveal highly
sensitive information to a local privileged user. IBM X-Force ID:
197980.

2021-07-15

not yet
calculated

CVE-2021-20500
XF
CONFIRM


ibm -- security_verify_access_docker

IBM Security Verify Access Docker 10.0.0 uses weaker than
expected cryptographic algorithms that could allow an attacker
to decrypt highly sensitive information. IBM X-Force ID: 197969

2021-07-15

not yet
calculated

CVE-2021-20497
XF
CONFIRM





ibm -- 
security_verify_access_docker 








IBM Security Verify Access Docker 10.0.0 could allow an 
authenticated user to bypass input due to improper input 
validation. IBM X-Force ID: 197966. 











2021-07-15 


not yet 
calculated 








CVE-2021-20496 


XF





CONFIRM 


ibm -- security_verify_access_docker

IBM Security Verify Access Docker 10.0.0 could allow a remote
authenticated attacker to execute arbitrary commands on the
system by sending a specially crafted request. IBM X-Force ID:
198813

2021-07-15

not yet
calculated

CVE-2021-20533
XF
CONFIRM


ibm -- security_verify_access_docker

IBM Security Verify Access Docker 10.0.0 could allow a remote
attacker to obtain sensitive information when a detailed
technical error message is returned in the browser. This
information could be used in further attacks against the system.
IBM X-Force ID: 197973

2021-07-15

not yet
calculated

CVE-2021-20499
XF
CONFIRM





ibm -- 


security_verify_access_docker 


IBM Security Verify Access Docker 10.0.0 could allow a user to 


impersonate another user on the system. IBM X-Force ID: 
201483. 


2021-07-15 





not yet 
calculated 


CVE-2021-29742 


XF
CONFIRM 








ibm -- 


security_verify_access_docker 


IBM Security Verify Access Docker 10.0.0 reveals version 
information in HTTP requests that could be used in further
attacks against the system. IBM X-Force ID: 197972. 


2021-07-15 





not yet 
calculated 


CVE-2021-20498 
XF 
CONFIRM 








ibm -- 


security_verify_access_docker 


IBM Security Verify Access Docker 10.0.0 stores user 
credentials in plain clear text which can be read by a local user. 
IBM X-Force ID: 198299 


2021-07-15 





not yet 
calculated 


CVE-2021-20510 
XF
CONFIRM 








ibm -- 


security_verify_access_docker 


IBM Security Verify Access Docker 10.0.0 could allow a remote 
privileged user to upload arbitrary files with a dangerous file type
that could be executed by a user. IBM X-Force ID: 200600.


2021-07-15 


not yet 
calculated 


CVE-2021-29699 
XF 
CONFIRM 








ibm -- 


security_verify_access_docker 


IBM Security Verify Access Docker 10.0.0 contains hard-coded 
credentials, such as a password or cryptographic key, which it 
uses for its own inbound authentication, outbound 
communication to external components, or encryption of 
internal data. IBM X-Force ID: 198918


2021-07-15 


not yet 
calculated 


CVE-2021-20537 
XF
CONFIRM 








icinga -- icinga 


Icinga is a monitoring system which checks the availability of 
network resources, notifies users of outages, and generates 
performance data for reporting. In versions prior to 2.11.10 and 
from version 2.12.0 through version 2.12.4, some of the Icinga 
2 features that require credentials for external services expose 
those credentials through the API to authenticated API users 
with read permissions for the corresponding object types. 
IdoMysqlConnection and IdoPgsqlConnection (every released 
version) expose the password of the user used to connect to
the database. IcingaDB (added in 2.12.0) exposes the 
password used to connect to the Redis server. 
ElasticsearchWriter (added in 2.8.0) exposes the password
used to connect to the Elasticsearch server. An attacker who 
obtains these credentials can impersonate Icinga to these 
services and add, modify and delete information there. If 
credentials with more permissions are in use, this increases the 
impact accordingly. Starting with the 2.11.10 and 2.12.5 
releases, these passwords are no longer exposed via the API. 
As a workaround, API user permissions can be restricted to not 
allow querying of any affected objects, either by explicitly listing 
only the required object types for object query permissions, or 
by applying a filter rule. 


2021-07-15 


not yet 
calculated 


CVE-2021-32743 
MISC 
CONFIRM 





icinga -- icinga 


Icinga is a monitoring system which checks the availability of
network resources, notifies users of outages, and generates
performance data for reporting. From version 2.4.0 through
version 2.12.4, a vulnerability exists that may allow privilege
escalation for authenticated API users. With a read-only user's
credentials, an attacker can view most attributes of all config
objects including `ticket_salt` of `ApiListener`. This salt is
enough to compute a ticket for every possible common name
(CN). A ticket, the master node's certificate, and a self-signed
certificate are enough to successfully request the desired
certificate from Icinga. That certificate may in turn be used to
steal an endpoint or API user's identity. Versions 2.12.5 and
2.11.10 both contain a fix for the vulnerability. As a workaround,
one may either specify queryable types explicitly or filter out
ApiListener objects.


2021-07-15 





not yet 
calculated 


CVE-2021-32739 
MISC 
CONFIRM 





idrive -- remotepc 


iDrive RemotePC before 4.0.1 on Linux allows denial of 
service. A remote and unauthenticated attacker can disconnect 
a valid user session by connecting to an ephemeral port. 


2021-07-15 


not yet 
calculated 


CVE-2021-34691 


MISC 
MISC 














idrive -- remotepc 








iDrive RemotePC before 7.6.48 on Windows allows information 
disclosure. A locally authenticated attacker can read an 
encrypted version of the system's Personal Key in world- 
readable %PROGRAMDATA% log files. The encryption is done 
using a hard-coded static key and is therefore reversible by an 
attacker. 








2021-07-15 





not yet 
calculated 








CVE-2021-34688 
MISC 
MISC 


idrive -- remotepc

iDrive RemotePC before 7.6.48 on Windows allows information
disclosure. A locally authenticated attacker can read the
system's Personal Key in world-readable %PROGRAMDATA%
log files.

2021-07-15

not yet
calculated

CVE-2021-34689
MISC
MISC


idrive -- remotepc

iDrive RemotePC before 7.6.48 on Windows allows
authentication bypass. A remote and unauthenticated attacker
can bypass cloud authentication to connect and control a
system via TCP port 5970 and 5980.

2021-07-15

not yet
calculated

CVE-2021-34690
MISC
MISC


idrive -- remotepc

iDrive RemotePC before 7.6.48 on Windows allows privilege
escalation. A local and low-privileged user can force
RemotePC to execute an attacker-controlled executable with
SYSTEM privileges.

2021-07-15

not yet
calculated

CVE-2021-34692
MISC
MISC


idrive -- remotepc

iDrive RemotePC before 7.6.48 on Windows allows information
disclosure. A man in the middle can recover a system's
Personal Key when a client attempts to make a LAN
connection. The Personal Key is transmitted over the network
while only being encrypted via a substitution cipher.

2021-07-15

not yet
calculated

CVE-2021-34687
MISC
MISC








intel -- bssa_dft

Insecure default variable initialization for the Intel BSSA DFT
feature may allow a privileged user to potentially enable an
escalation of privilege via local access.

2021-07-14

not yet
calculated

MISC


intelliants -- subrion_cms

SQL Injection vulnerability in Subrion CMS v4.2.1 in the search
page if a website uses a PDO connection.

2021-07-14

not yet
calculated

CVE-2020-18155
MISC


Jamf Pro before 10.30.1 allows for an unvalidated URL redirect
vulnerability affecting Jamf Pro customers who host their
environments on-premises. An attacker may craft a URL that
appears to be for a customer's Jamf Pro instance, but when
clicked will forward a user to an arbitrary URL that may be
malicious. This is tracked via Jamf with the following ID:
PI-009822

2021-07-12

not yet
calculated

CVE-2021-35037
MISC
MISC





jasper -- image_coding_toolkit


A Divide-by-zero vulnerability exists in JasPer Image Coding
Toolkit 2.0 in jasper/src/libjasper/jpc/jpc_enc.c


2021-07-15 





not yet 
calculated 


CVE-2021-27845 


MISC 








jfif_encode -- jfif_encode


A global buffer overflow vulnerability in jfif_encode at jfif.c:701 
of ffjpeg through 2020-06-22 allows attackers to cause a Denial 
of Service (DOS) via a crafted jpeg file. 


2021-07-15 





not yet 
calculated 


CVE-2020-23705 
MISC 








jt -- utilities


A vulnerability has been identified in JT Utilities (All versions < 
V13.0.2.0). When parsing specially crafted JT files, a race
condition could cause an object to be released before being
operated on, leading to a NULL pointer dereference condition and
causing the application to crash. An attacker could leverage 
this vulnerability to cause a Denial-of-Service condition in the 
application. 


2021-07-13 


not yet 
calculated 





CVE-2021-33715 
CONFIRM 





jt -- utilities


A vulnerability has been identified in JT Utilities (All versions <
V13.0.2.0). When parsing specially crafted JT files, a missing
check for the validity of an iterator leads to a NULL pointer
dereference condition, causing the application to crash. An
attacker could leverage this vulnerability to cause a Denial-of- 
Service condition in the application. 


2021-07-13 


not yet 
calculated 


CVE-2021-33714 
CONFIRM 





jt -- utilities 


A vulnerability has been identified in JT Utilities (All versions <
V13.0.2.0). When parsing specially crafted JT files, a hash
function is called with an incorrect argument leading the 
application to crash. An attacker could leverage this 
vulnerability to cause a Denial-of-Service condition in the 
application. 


2021-07-13 





not yet 
calculated 


CVE-2021-33713 
CONFIRM 





juniper_networks -- contrail_cloud








Juniper Networks Contrail Cloud (CC) releases prior to 13.6.0
have RabbitMQ service enabled by default with hardcoded
credentials. The messaging services of RabbitMQ are used 
when coordinating operations and status information among 
Contrail services. An attacker with access to an administrative 
service for RabbitMQ (e.g. GUI), can use these hardcoded 
credentials to cause a Denial of Service (DoS) or have access 
to unspecified sensitive system information. This issue affects 
the Juniper Networks Contrail Cloud releases on versions prior
to 13.6.0.








2021-07-15 





not yet 
calculated 





CVE-2021-0279 
CONFIRM 
juniper_networks -- junos_os


A vulnerability in the handling of exceptional conditions in
Juniper Networks Junos OS Evolved (EVO) allows an attacker
to send specially crafted packets to the device, causing the
Advanced Forwarding Toolkit manager (evo-aftmand-bt or
evo-aftmand-zx) process to crash and restart, impacting all traffic
going through the FPC, resulting in a Denial of Service (DoS).
Continued receipt and processing of these packets will create a
sustained Denial of Service (DoS) condition. The following
messages will be logged prior to the crash:

Feb 2 10:14:39 fpc0 evo-aftmand-bt[16263]: [Error] Nexthop: Failed to get fwd nexthop for nexthop:32710470974358 label:1089551617 for session:18 probe:35
Feb 2 10:14:39 fpc0 evo-aftmand-bt[16263]: [Error] Nexthop: Failed to get fwd nexthop for nexthop:19241453497049 label:1089551617 for session:18 probe:37
Feb 2 10:14:39 fpc0 evo-aftmand-bt[16263]: [Error] Nexthop: Failed to get fwd nexthop for nexthop:19241453497049 label:1089551617 for session:18 probe:44
Feb 2 10:14:39 fpc0 evo-aftmand-bt[16263]: [Error] Nexthop: Failed to get fwd nexthop for nexthop:32710470974358 label:1089551617 for session:18 probe:47
Feb 2 10:14:39 fpc0 audit[16263]: ANOM_ABEND auid=4294967295 uid=0 gid=0 ses=4294967295 pid=16263 comm="EvoAftManBt-mai" exe="/usr/sbin/evo-aftmand-bt" sig=11
Feb 2 10:14:39 fpc0 kernel: audit: type=1701 audit(1612260879.272:17): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=16263 comm="EvoAftManBt-mai" exe="/usr/sbin/evo-aftmand-bt" sig=1

This issue affects Juniper
Networks Junos OS Evolved: All versions prior to 20.4R2-EVO;
21.1 versions prior to 21.1R2-EVO.


2021-07-15 


not yet 
calculated 


CVE-2021-0286 
CONFIRM 








juniper_networks -- junos_os 


An Improper Input Validation vulnerability in J-Web of Juniper 
Networks Junos OS allows a locally authenticated attacker to 
escalate their privileges to root over the target device. 
junos:18.3R3-S5 junos:18.4R3-S9 junos:19.1R3-S6 
junos:19.3R2-S6 junos:19.3R3-S3 junos:19.4R1-S4 
junos:19.4R3-S4 junos:20.1R2-S2 junos:20.1R3 junos:20.2R3-S1
junos:20.3X75-D20 junos:20.3X75-D30 junos:20.4R2-S1
junos:20.4R3 junos:21.1R1-S1 junos:21.1R2 junos:21.2R1 
junos:21.3R1 This issue affects: Juniper Networks Junos OS 
19.3 versions 19.3R1 and above prior to 19.3R2-S6,
19.3R3-S3; 19.4 versions prior to 19.4R3-S5; 20.1 versions prior to
20.1R2-S2, 20.1R3-S1; 20.2 versions prior to 20.2R3-S2; 20.3 
versions prior to 20.3R3; 20.4 versions prior to 20.4R2-S1, 
20.4R3; 21.1 versions prior to 21.1R1-S1, 21.1R2. This issue 
does not affect Juniper Networks Junos OS versions prior to 
19.3R1. 


2021-07-15 


not yet 
calculated 


CVE-2021-0278 
CONFIRM 





juniper_networks -- junos_os 








On Juniper Networks Junos OS devices with Multipath or
add-path feature enabled, processing a specific BGP UPDATE can
lead to a routing process daemon (RPD) crash and restart, 
causing a Denial of Service (DoS). Continued receipt and 
processing of this UPDATE message will create a sustained 
Denial of Service (DoS) condition. This BGP UPDATE 
message can propagate to other BGP peers with vulnerable 
Junos versions on which Multipath or add-path feature is 
enabled, and cause RPD to crash and restart. This issue 
affects both IBGP and EBGP deployments in IPv4 or IPv6 
network. Junos OS devices that do not have the BGP Multipath 
or add-path feature enabled are not affected by this issue. This 
issue affects: Juniper Networks Junos OS 12.3 versions prior to 
12.3R12-S18; 15.1 versions prior to 15.1R7-S9; 17.3 versions 
prior to 17.3R3-S11; 17.4 versions prior to 17.4R2-S13, 
17.4R3-S4; 18.1 versions prior to 18.1R3-S12; 18.2 versions 
prior to 18.2R3-S7; 18.3 versions prior to 18.3R3-S4; 18.4 
versions prior to 18.4R2-S6, 18.4R3-S6; 19.1 versions prior to
19.1R3-S3;








2021-07-15 


not yet 
calculated 














CVE-2021-0282 
CONFIRM 
juniper_networks -- junos_os


Improper Handling of Exceptional Conditions in Ethernet 
interface frame processing of Juniper Networks Junos OS 
allows an attacker to send specially crafted frames over the 
local Ethernet segment, causing the interface to go into a down 
state, resulting in a Denial of Service (DoS) condition. The 
interface does not recover on its own and the FPC must be 
reset manually. Continued receipt and processing of these 
frames will create a sustained Denial of Service (DoS) 
condition. This issue is platform-specific and affects the 
following platforms and line cards:
* MPC7E/8E/9E and MPC10E on MX240, MX480, MX960, MX2008, MX2010, and MX2020
* MX204, MX10003, MX10008, MX10016
* EX9200, EX9251
* SRX4600
No other products or platforms are affected
by this vulnerability. An indication of this issue occurring can be
seen in the system log messages, as shown below:

user@host> show log messages | match "Failed to complete DFE tuning"
fpc4 smic_phy_dfe_tuning_state: et-4/1/6 - Failed to complete DFE tuning (count 3)

and interface will be in a permanently down state:

user@host> show interfaces et-4/1/6 terse
Interface Admin Link Proto Local Remote
et-4/1/6 up down
et-4/1/6.0 up down aenet --> ae101.0

This issue affects
Juniper Networks Junos OS: 16.1 versions prior to 16.1R7-S7 
on MX Series; 17.1R1 and later versions prior to 17.2R3-S3 on 
MX Series; 17.3 versions prior to 17.3R3-S8 on MX Series; 
17.4 versions prior to 17.4R2-S11, 17.4R3-S1 on MX Series, 
SRX4600; 18.1 versions prior to 18.1R3-S10 on MX Series, 
EX9200 Series, SRX4600; 18.2 versions prior to 18.2R3-S3 on 
MX Series, EX9200 Series, SRX4600; 18.3 versions prior to 
18.3R3-S1 on MX Series, EX9200 Series, SRX4600; 18.4 
versions prior to 18.4R2-S3, 18.4R3 on MX Series, EX9200 
Series, SRX4600; 19.1 versions prior to 19.1R2-S1, 19.1R3 on 
MX Series, EX9200 Series, SRX4600; 19.2 versions prior to 
19.2R1-S3, 19.2R2 on MX Series, EX9200 Series, SRX4600; 
19.3 versions prior to 19.3R2 on MX Series, EX9200 Series, 
SRX4600. This issue does not affect Juniper Networks Junos 
OS versions prior to 16.1R1. 


2021-07-15 


not yet 
calculated 


CVE-2021-0290 
CONFIRM 








juniper_networks -- junos_os 











When user-defined ARP Policer is configured and applied on 
one or more Aggregated Ethernet (AE) interface units, a
Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability
between the Device Control Daemon (DCD) and firewall 
process (dfwd) daemons of Juniper Networks Junos OS allows 
an attacker to bypass the user-defined ARP Policer. In this 
particular case the User ARP policer is replaced with default 
ARP policer. To review the desired ARP Policers and actual 
state one can run the command "show interfaces <> extensive" 
and review the output. See further details below. An example 
output is:

show interfaces extensive | match policer
Policer: Input: __default_arp_policer__ <<< incorrect if user ARP Policer was applied on an AE interface and the default ARP Policer is displayed
Policer: Input: jtac-arp-ae5.317-inet-arp <<< correct if user ARP Policer was applied on an AE interface

For all platforms, except SRX Series: This issue affects Juniper 
Networks Junos OS: All versions 5.6R1 and all later versions 
prior to 18.4 versions prior to 18.4R2-S9, 18.4R3-S9 with the 
exception of 15.1 versions 15.1R7-S10 and later versions; 19.4 
versions prior to 19.4R3-S3; 20.1 versions prior to 20.1R3; 20.2 
versions prior to 20.2R3-S2; 20.3 version 20.3R1 and later 
versions; 20.4 versions prior to 20.4R3; 21.1 versions prior to 
21.1R2; This issue does not affect Juniper Networks Junos OS 
versions prior to 5.6R1. On SRX Series this issue affects 
Juniper Networks Junos OS: 18.4 versions prior to 18.4R2-S9, 
18.4R3-S9; 19.4 versions prior to 19.4R3-S4; 20.1 versions 
prior to 20.1R3; 20.2 versions prior to 20.2R3-S2; 20.3 version 
20.3R1 and later versions; 20.4 versions prior to 20.4R3; 21.1 
versions prior to 21.1R2. This issue does not affect 18.4 
versions prior to 18.4R1 on SRX Series. This issue does not 
affect Junos OS Evolved. 











2021-07-15 





not yet 
calculated 








CVE-2021-0289 
CONFIRM 
juniper_networks -- junos_os


A vulnerability in the Distance Vector Multicast Routing Protocol 
(DVMRP) of Juniper Networks Junos OS on the QFX10K 
Series switches allows an attacker to trigger a packet 
forwarding loop, leading to a partial Denial of Service (DoS). 
The issue is caused by DVMRP packets looping on a
multi-homed Ethernet Segment Identifier (ESI) when VXLAN is
configured. DVMRP packets received on a multi-homed ESI 
are sent to the peer, and then incorrectly forwarded out the 
same ESI, violating the split horizon rule. This issue only 
affects QFX10K Series switches, including the QFX10002, 
QFX10008, and QFX10016. Other products and platforms are 
unaffected by this vulnerability. This issue affects Juniper 
Networks Junos OS on QFX10K Series: 17.3 versions prior to 
17.3R3-S12; 17.4 versions prior to 17.4R3-S5; 18.1 versions 
prior to 18.1R3-S13; 18.2 version 18.2R1 and later versions; 
18.3 versions prior to 18.3R3-S5; 18.4 versions prior to
18.4R2-S9, 18.4R3-S8; 19.1 versions prior to 19.1R3-S5; 19.2 versions
prior to 19.2R1-S7, 19.2R3-S2; 19.3 versions prior to
19.3R3-S2; 19.4 versions prior to 19.4R3-S3; 20.1 versions prior to
20.1R2-S2, 20.1R3; 20.2 versions prior to 20.2R3; 20.3 
versions prior to 20.3R3; 20.4 versions prior to 20.4R2. 


2021-07-15 


not yet 
calculated 


CVE-2021-0295 


CONFIRM 








juniper_networks -- junos_os 


An Exposure of System Data vulnerability in Juniper Networks
Junos OS and Junos OS Evolved, where a sensitive
system-level resource is not being sufficiently protected, allows a
network-based unauthenticated attacker to send specific traffic 
which partially reaches this resource. A high rate of specific 
traffic may lead to a partial Denial of Service (DoS) as the CPU 
utilization of the RE is significantly increased. The SNMP Agent 
Extensibility (agentx) process should only be listening to TCP 
port 705 on the internal routing instance. External connections 
destined to port 705 should not be allowed. This issue affects: 
Juniper Networks Junos OS: 15.1 versions prior to 15.1R7-S9; 
17.3 versions prior to 17.3R3-S12; 17.4 versions prior to 
17.4R2-S13, 17.4R3-S5; 18.3 versions prior to 18.3R3-S5; 
18.4 versions prior to 18.4R2-S8; 19.1 versions prior to
19.1R3-S5; 19.2 versions prior to 19.2R3-S2; 19.3 versions prior to
19.3R2-S6, 19.3R3-S2; 19.4 versions prior to 19.4R1-S4, 
19.4R2-S4, 19.4R3; 20.1 versions prior to 20.1R2; 20.2 
versions prior to 20.2R2; 20.3 versions prior to 20.3R2. Juniper 
Networks Junos OS Evolved versions prior to 20.3R2-EVO. 
This issue does not affect Juniper Networks Junos OS versions 
prior to 13.2R1. 


2021-07-15 


not yet 
calculated 


CVE-2021-0291 


CONFIRM 








juniper_networks -- junos_os 








A vulnerability in Juniper Networks Junos OS caused by 
Missing Release of Memory after Effective Lifetime leads to a 
memory leak each time the CLI command 'show system
connections extensive' is executed. The amount of memory
leaked on each execution depends on the number of TCP
connections from and to the system. Repeated execution will
cause more memory to leak and eventually daemons that need
to allocate additional memory and ultimately the kernel to
crash, which will result in traffic loss. Continued execution of
this command will cause a sustained Denial of Service (DoS)
condition. An administrator can use the following CLI command
to monitor for increase in memory consumption of the netstat
process, if it exists:

user@junos> show system processes extensive | match "username|netstat"
PID USERNAME PRI NICE SIZE RES STATE C TIME WCPU COMMAND
21181 root 100 0 5458M 4913M CPU3 2 0:59 97.27% netstat

The following log message might be observed if this issue happens:

kernel: %KERN-3: pid 21181 (netstat), uid 0, was killed: out of swap space

This issue affects Juniper Networks Junos OS
18.2 versions prior to 18.2R2-S8, 18.2R3-S7; 18.3 versions
prior to 18.3R3-S4; 18.4 versions prior to 18.4R1-S8,
18.4R2-S6, 18.4R3-S7; 19.1 versions prior to 19.1R1-S6, 19.1R2-S2,
19.1R3-S4; 19.2 versions prior to 19.2R1-S6, 19.2R3-S2; 19.3 
versions prior to 19.3R2-S6, 19.3R3-S1; 19.4 versions prior to 
19.4R1-S4, 19.4R2-S3, 19.4R3-S1; 20.1 versions prior to 
20.1R2; 20.2 versions prior to 20.2R2-S1, 20.2R3; 20.3 
versions prior to 20.3R1-S1, 20.3R2; This issue does not affect 
Juniper Networks Junos OS versions prior to 18.2R1. 











2021-07-15 





not yet 
calculated 








CVE-2021-0293 


CONFIRM 
juniper_networks -- junos_os


A vulnerability in Juniper Networks Junos OS, which only 
affects the release 18.4R2-S5, where a function is 
inconsistently implemented on Juniper Networks Junos 
QFX5000 Series and EX4600 Series, and if "storm-control 
enhanced" is configured, can lead to the enhanced storm 
control filter group not being installed. It will cause storm control
not to work hence allowing an attacker to cause high CPU
usage or packet loss issues by sending a large amount of
broadcast or unknown unicast packets arriving at the device. This
issue affects Juniper Networks QFX5100, QFX5110, QFX5120, 
QFX5200, QFX5210, EX4600, and EX4650, and QFX5100 
with QFX 5e Series image installed. QFX5130 and QFX5220 
are not affected by this issue. This issue affects Juniper
Networks Junos OS 18.4R2-S5 on QFX5000 Series and 
EX4600 Series. No other product or platform is affected by this 
vulnerability. 


2021-07-15 


not yet 
calculated 


CVE-2021-0294 
CONFIRM 








juniper_networks -- junos_os


An Out-of-bounds Read vulnerability in the processing of 
specially crafted LLDP frames by the Layer 2 Control Protocol 
Daemon (l2cpd) of Juniper Networks Junos OS and Junos OS
Evolved may allow an attacker to cause a Denial of Service 
(DoS), or may lead to remote code execution (RCE). Continued 
receipt and processing of these frames, sent from the local 
broadcast domain, will repeatedly crash the l2cpd process and
sustain the Denial of Service (DoS) condition. This issue 
affects: Juniper Networks Junos OS: 12.3 versions prior to 
12.3R12-S18; 15.1 versions prior to 15.1R7-S9; 17.3 versions 
prior to 17.3R3-S12; 17.4 versions prior to 17.4R2-S13, 
17.4R3-S5; 18.1 versions prior to 18.1R3-S13; 18.2 versions 
prior to 18.2R3-S8; 18.3 versions prior to 18.3R3-S5; 18.4 
versions prior to 18.4R2-S8, 18.4R3-S8; 19.1 versions prior to 
19.1R3-S5; 19.2 versions prior to 19.2R3-S3; 19.3 versions 
prior to 19.3R2-S6, 19.3R3-S2; 19.4 versions prior to
19.4R1-S4, 19.4R2-S4, 19.4R3-S3; 20.1 versions prior to 20.1R2-S2,
20.1R3; 20.2 versions prior to 20.2R3-S1; 20.3 versions prior to 
20.3R2-S1, 20.3R3; 20.4 versions prior to 20.4R2. Juniper 
Networks Junos OS Evolved versions prior to 20.4R2-EVO. 


2021-07-15 


not yet 
calculated 


CVE-2021-0277 
CONFIRM 








juniper_networks -- junos_os


A vulnerability in the processing of specific MPLS packets in 
Juniper Networks Junos OS on MX Series and EX9200 Series 
devices with Trio-based MPCs (Modular Port Concentrators) 
may cause FPC to crash and lead to a Denial of Service (DoS) 
condition. Continued receipt of this packet will sustain the 
Denial of Service (DoS) condition. This issue only affects MX 
Series and EX9200 Series with Trio-based PFEs (Packet 
Forwarding Engines). This issue affects Juniper Networks 
Junos OS on MX Series, EX9200 Series: 17.3 versions prior to 
17.3R3-S12; 17.4 versions prior to 17.4R2-S13, 17.4R3-S5; 
18.1 versions prior to 18.1R3-S13; 18.2 versions prior to 
18.2R3-S8; 18.3 versions prior to 18.3R3-S5; 18.4 versions 
prior to 18.4R2-S8, 18.4R3-S8; 19.1 versions prior to
19.1R3-S5; 19.2 versions prior to 19.2R3-S2; 19.3 versions prior to
19.3R2-S6, 19.3R3-S3; 19.4 versions prior to 19.4R1-S4, 
19.4R2-S4, 19.4R3-S2; 20.1 versions prior to 20.1R3; 20.2 
versions prior to 20.2R2-S2, 20.2R3; 20.3 versions prior to 
20.3R2; 20.4 versions prior to 20.4R2; 


2021-07-15 


not yet 
calculated 


CVE-2021-0288 
CONFIRM 





juniper_networks -- junos_os 











In a Segment Routing ISIS (SR-ISIS)/MPLS environment, on
Juniper Networks Junos OS and Junos OS Evolved devices,
configured with ISIS Flexible Algorithm for Segment Routing
and sensor-based statistics, a flap of an ISIS link in the network,
can lead to a routing process daemon (RPD) crash and restart, 
causing a Denial of Service (DoS). Continued link flaps will 
create a sustained Denial of Service (DoS) condition. This 
issue affects: Juniper Networks Junos OS: 19.4 versions prior 
to 19.4R1-S4, 19.4R3-S2; 20.1 versions prior to 20.1R2-S1, 
20.1R3; 20.2 versions prior to 20.2R2-S2, 20.2R3; 20.3 
versions prior to 20.3R2; Juniper Networks Junos OS Evolved: 
20.3-EVO versions prior to 20.3R2-EVO; 20.4-EVO versions 
prior to 20.4R2-EVO. This issue does not affect: Juniper 
Networks Junos OS releases prior to 19.4R1. Juniper Networks 
Junos OS Evolved releases prior to 19.4R1-EVO. 








2021-07-15 





not yet 
calculated 











CVE-2021-0287 
CONFIRM 
juniper_networks -- junos_os


On Juniper Networks Junos OS devices configured with BGP 
origin validation using Resource Public Key Infrastructure 
(RPKI) receipt of a specific packet from the RPKI cache server 
may cause routing process daemon (RPD) to crash and restart, 
creating a Denial of Service (DoS) condition. Continued receipt 
and processing of this packet will create a sustained Denial of 
Service (DoS) condition. This issue affects: Juniper Networks 
Junos OS 17.3 versions prior to 17.3R3-S12; 17.4 versions 
prior to 17.4R3-S5; 18.1 versions prior to 18.1R3-S13; 18.2 
versions prior to 18.2R3-S8; 18.3 versions prior to 18.3R3-S5; 
18.4 versions prior to 18.4R2-S8, 18.4R3-S8; 19.1 versions 
prior to 19.1R3-S5; 19.2 versions prior to 19.2R3-S2; 19.3 
versions prior to 19.3R2-S6, 19.3R3-S2; 19.4 versions prior to 
19.4R2-S4, 19.4R3-S3; 20.1 versions prior to 20.1R3; 20.2 
versions prior to 20.2R3; 20.3 versions prior to 20.3R2; 20.4 
versions prior to 20.4R2. Juniper Networks Junos OS Evolved 
All versions prior to 20.4R2-S2-EVO. 


2021-07-15 


not yet 
calculated 


CVE-2021-0281 
CONFIRM 








juniper_networks -- junos_os 


An uncontrolled resource consumption vulnerability in Juniper 
Networks Junos OS on QFX5000 Series and EX4600 Series 
switches allows an attacker sending large amounts of 
legitimate traffic destined to the device to cause Interchassis 
Control Protocol (ICCP) interruptions, leading to an unstable 
control connection between the Multi-Chassis Link Aggregation 
Group (MC-LAG) nodes which can in turn lead to traffic loss. 
Continued receipt of this amount of traffic will create a 
sustained Denial of Service (DoS) condition. An indication that 
the system could be impacted by this issue is the following log 
message: "DDOS_PROTOCOL_VIOLATION_SET: Warning: 
Host-bound traffic for protocol/exception LOCALNH:aggregate 
exceeded its allowed bandwidth at fpc <fpc number> for <n>
times, started at <timestamp>" This issue affects Juniper 
Networks Junos OS on QFX5000 Series and EX4600 Series: 
15.1 versions prior to 15.1R7-S9; 17.3 versions prior to
17.3R3-S11; 17.4 versions prior to 17.4R2-S13, 17.4R3-S5; 18.3
versions prior to 18.3R3-S5; 18.4 versions prior to 18.4R2-S8, 
18.4R3-S7; 19.1 versions prior to 19.1R3-S5; 19.2 versions 
prior to 19.2R1-S6, 19.2R3-S2; 19.3 versions prior to
19.3R2-S6, 19.3R3-S2; 19.4 versions prior to 19.4R1-S4, 19.4R2-S4,
19.4R3-S2; 20.1 versions prior to 20.1R2-S2, 20.1R3; 20.2 
versions prior to 20.2R2-S3, 20.2R3; 20.3 versions prior to 
20.3R2; 20.4 versions prior to 20.4R1-S1, 20.4R2. 


2021-07-15 


not yet 
calculated 


CVE-2021-0285 
CONFIRM 





juniper_networks -- junos_os











A buffer overflow vulnerability in the TCP/IP stack of Juniper
Networks Junos OS allows an attacker to send specific
sequences of packets to the device thereby causing a Denial of
Service (DoS). By repeatedly sending these sequences of
packets to the device, an attacker can sustain the Denial of
Service (DoS) condition. The device will abnormally shut down
as a result of these sent packets. A potential indicator of
compromise will be the following message in the log files:
"eventd[13955]: SYSTEM_ABNORMAL_SHUTDOWN: System
abnormally shut down" These issues are only triggered by traffic
destined to the device. Transit traffic will not trigger these
issues. This issue affects: Juniper Networks Junos OS 12.3
versions prior to 12.3R12-S19; 15.1 versions prior to 15.1R7-S10;
16.1 version 16.1R1 and later versions; 16.2 version
16.2R1 and later versions; 17.1 version 17.1R1 and later
versions; 17.2 version 17.2R1 and later versions; 17.3 version
17.3R1 and later versions; 18.1 versions prior to 18.1R3-S13;
18.2 version 18.2R1 and later versions; 18.3 versions prior to
18.3R3-S5; 18.4 versions prior to 18.4R3-S9; 19.1 versions
prior to 19.1R3-S6; 19.2 versions prior to 19.2R3-S3; 19.3
versions prior to 19.3R3-S3; 19.4 versions prior to 19.4R1-S4,
19.4R3-S5; 20.1 versions prior to 20.1R2-S2, 20.1R3-S1; 20.2
versions prior to 20.2R3-S2; 20.3 versions prior to 20.3R3; 20.4
versions prior to 20.4R2-S1, 20.4R3; 21.1 versions prior to
21.1R1-S1, 21.1R2; 21.2 versions prior to 21.2R2.








2021-07-15 





not yet 
calculated 











CVE-2021-0283 
CONFIRM 
juniper_networks -- junos_os


Due to an Improper Initialization vulnerability in Juniper 
Networks Junos OS on PTX platforms and QFX10K Series with 
Paradise (PE) chipset-based line cards, ddos-protection 
configuration changes made from the CLI will not take effect as 
expected beyond the default DDoS (Distributed Denial of 
Service) settings in the Packet Forwarding Engine (PFE). This 
may cause BFD sessions to flap when a high rate of specific 
packets are received. Flapping of BFD sessions in turn may 
impact routing protocols and network stability, leading to a 
Denial of Service (DoS) condition. Continued receipt and 
processing of this packet will create a sustained Denial of 
Service (DoS) condition. This issue affects only the following 
platforms with Paradise (PE) chipset-based line cards: 
PTX1000, PTX3000 (NextGen), PTX5000, PTX10008, 
PTX10016 Series and QFX10002 Series. This issue affects: 
Juniper Networks Junos OS 17.4 versions prior to 17.4R3-S5 
on PTX Series, QFX10K Series; 18.2 versions prior to 18.2R3- 
S8 on PTX Series, QFX10K Series; 18.3 versions prior to 
18.3R3-S5 on PTX Series, QFX10K Series; 18.4 versions prior 
to 18.4R2-S8 on PTX Series, QFX10K Series; 19.1 versions 
prior to 19.1R3-S5 on PTX Series, QFX10K Series; 19.2 
versions prior to 19.2R3-S2 on PTX Series, QFX10K Series; 
19.3 versions prior to 19.3R3-S2 on PTX Series, QFX10K 
Series; 19.4 versions prior to 19.4R3-S2 on PTX Series, 
QFX10K Series; 20.1 versions prior to 20.1R3 on PTX Series, 
QFX10K Series; 20.2 versions prior to 20.2R2-S3, 20.2R3 on 
PTX Series, QFX10K Series; 20.3 versions prior to 20.3R2 on 
PTX Series, QFX10K Series; 20.4 versions prior to 20.4R2 on 
PTX Series, QFX10K Series. 


2021-07-15 


not yet 
calculated 


CVE-2021-0280 
CONFIRM 








juniper_networks -- junos_os 


An Uncontrolled Resource Consumption vulnerability in the
ARP daemon (arpd) and Network Discovery Protocol (ndp)
process of Juniper Networks Junos OS Evolved allows a
malicious attacker on the local network to consume memory
resources, ultimately resulting in a Denial of Service (DoS)
condition. Link-layer functions such as IPv4 and/or IPv6
address resolution may be impacted, leading to traffic loss. The
processes do not recover on their own and must be manually
restarted. Changes in memory usage can be monitored using
the following shell commands (header shown for clarity):

user@router:/var/log# ps aux | grep arpd
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
root 31418 59.0 0.7 *5702564* 247952 ? xxx /usr/sbin/arpd --app-name arpd -I object_select --shared-objects-mode 3

user@router:/var/log# ps aux | grep arpd
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
root 31418 49.1 1.0 *5813156* 351184 ? xxx /usr/sbin/arpd --app-name arpd -I object_select --shared-objects-mode 3

Memory usage can be monitored for the ndp process in a similar
fashion:

user@router:/var/log# ps aux | grep ndp
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
root 14935 0.0 0.1 *5614052* 27256 ? Ssl Jun15 0:17 /usr/sbin/ndp -I no_tab_chk,object_select --app-name ndp --shared-obje

user@router:/var/log# ps aux | grep ndp
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
root 14935 0.0 0.1 *5725164* 27256 ? Ssl Jun15 0:17 /usr/sbin/ndp -I no_tab_chk,object_select --app-name ndp --shared-obje

This issue affects Juniper Networks Junos OS
Evolved: 19.4 versions prior to 19.4R2-S3-EVO; 20.1 versions
prior to 20.1R2-S4-EVO; all versions of 20.2-EVO. This issue
does not affect Juniper Networks Junos OS Evolved versions
prior to 19.4R2-EVO.


2021-07-15 


not yet 
calculated 





CVE-2021-0292 
CONFIRM 





juniper_networks -- sbr_carrier 








A stack-based Buffer Overflow vulnerability in Juniper Networks
SBR Carrier with EAP (Extensible Authentication Protocol)
authentication configured allows an attacker sending specific
packets to crash the radius daemon, resulting in a
Denial of Service (DoS) or leading to remote code execution
(RCE). By continuously sending these specific packets, an
attacker can repeatedly crash the radius daemon, causing a
sustained Denial of Service (DoS). This issue affects Juniper
Networks SBR Carrier: 8.4.1 versions prior to 8.4.1R19; 8.5.0
versions prior to 8.5.0R10; 8.6.0 versions prior to 8.6.0R4.








2021-07-15 


not yet 
calculated 








CVE-2021-0276 
CONFIRM 

lenovo -- multiple_products
Some Lenovo Notebook, ThinkPad, and Lenovo Desktop systems have BIOS modules unprotected by Intel Boot Guard that could allow an attacker with physical access the ability to write to the SPI flash storage.
2021-07-16
not yet calculated
CVE-2021-3453
MISC

lenovo -- notebook
A vulnerability was reported on some Lenovo Notebook systems that could allow an attacker with physical access to elevate privileges under certain conditions during a BIOS update performed by Lenovo Vantage.
2021-07-16
not yet calculated
CVE-2021-3614
MISC

lenovo -- pcmanager
A DLL search path vulnerability was reported in Lenovo PCManager, prior to version 3.0.500.5102, that could allow privilege escalation.
2021-07-16
not yet calculated

lexmark -- printer_software_installation_packages
The Lexmark Printer Software G2, G3 and G4 Installation Packages have a local escalation of privilege vulnerability due to a registry entry that has an unquoted service path.
2021-07-14
not yet calculated
CVE-2021-35469
MISC
MISC

libvips -- libvips
Division-By-Zero vulnerability in Libvips 8.10.5 in the function vips_eye_point, eye.c#L83, and function vips_mask_point, mask.c#L85.
2021-07-15
not yet calculated
MISC

magicmotion -- flamingo_2
The MagicMotion Flamingo 2 application for Android stores data on an sdcard under com.vt.magicmotion/files/Pictures, whence it can be read by other applications.
2021-07-15
not yet calculated
MISC

magicmotion -- flamingo_2
MagicMotion Flamingo 2 has a lack of access control for reading from device descriptors.
2021-07-15
not yet calculated
CVE-2020-12729
MISC

magicmotion -- flamingo_2
MagicMotion Flamingo 2 lacks BLE encryption, enabling data sniffing and packet forgery.
2021-07-15
not yet calculated
CVE-2020-12730
MISC

mendix -- mendix
A vulnerability has been identified in Mendix Applications using Mendix 7 (All versions < V7.23.22), Mendix Applications using Mendix 8 (All versions < V8.18.7), Mendix Applications using Mendix 9 (All versions < V9.3.0). Write access checks of attributes of an object could be bypassed, if user has a write permissions to the first attribute of this object.
2021-07-13
not yet calculated
CVE-2021-33718
CONFIRM





micronaut -- micronaut
Micronaut is a JVM-based, full stack Java framework designed for building JVM applications. A path traversal vulnerability exists in versions prior to 2.5.9. With a basic configuration, it is possible to access any file from a filesystem, using "/../../" in the URL. This occurs because Micronaut does not restrict file access to configured paths. The vulnerability is patched in version 2.5.9. As a workaround, do not use *** in mapping, use only ***, which exposes only flat structure of a directory not allowing traversal. If using Linux, another workaround is to run micronaut in chroot.
not yet calculated
CVE-2021-32769

microsoft -- defender
Microsoft Defender Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-34464.
2021-07-14
not yet calculated
CVE-2021-34522
MISC

microsoft -- directwrite
DirectWrite Remote Code Execution Vulnerability
2021-07-14
not yet calculated
CVE-2021-34489
MISC

microsoft -- dynamics
Dynamics Business Central Remote Code Execution Vulnerability
2021-07-14
not yet calculated
CVE-2021-34474
MISC

microsoft -- excel
Microsoft Excel Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-34518.
2021-07-14
not yet calculated
CVE-2021-34501
MISC

microsoft -- excel
Microsoft Excel Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-34501.
2021-07-14
not yet calculated
CVE-2021-34518
MISC








microsoft -- exchange 


Microsoft Exchange Server Elevation of Privilege Vulnerability 


This CVE ID is unique from CVE-2021-33768, CVE-2021- 
34523. 


2021-07-14 


not yet 
calculated 


CVE-2021-34470 


MISC 








microsoft -- exchange 


Microsoft Exchange Server Remote Code Execution 
Vulnerability This CVE ID is unique from CVE-2021-31196, 
CVE-2021-31206. 


2021-07-14 


CVE-2021-34473 
MISC 


not yet 
calculated 



































microsoft -- exchange
Microsoft Exchange Server Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-33768, CVE-2021-34470.

microsoft -- office
Microsoft Office Security Feature Bypass Vulnerability
2021-07-14
not yet calculated
CVE-2021-34469
MISC

microsoft -- office
Microsoft Office Online Server Spoofing Vulnerability
2021-07-16
not yet calculated
CVE-2021-34451
MISC

microsoft -- sharepoint
Microsoft SharePoint Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-34467, CVE-2021-34468.
2021-07-14
not yet calculated
MISC

microsoft -- sharepoint
Microsoft SharePoint Server Information Disclosure Vulnerability
2021-07-14
not yet calculated
CVE-2021-34519
MISC

microsoft -- sharepoint
Microsoft SharePoint Server Spoofing Vulnerability
2021-07-14
not yet calculated
CVE-2021-34517
MISC

microsoft -- sharepoint
Microsoft SharePoint Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-34467, CVE-2021-34520.
2021-07-14
not yet calculated

microsoft -- sharepoint
Microsoft SharePoint Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-34468, CVE-2021-34520.
2021-07-16
not yet calculated

microsoft -- thinkpad
A potential vulnerability in the system shutdown SMI callback function in some ThinkPad models may allow an attacker with local access and elevated privileges to execute arbitrary code.
2021-07-16
not yet calculated
(GVE-2021-352
MISC

microsoft -- visual_studio
Visual Studio Code .NET Runtime Elevation of Privilege Vulnerability
2021-07-14
not yet calculated
CVE-2021-34477
MISC

microsoft -- visual_studio
Microsoft Visual Studio Spoofing Vulnerability
2021-07-14
not yet calculated
CVE-2021-34479
MISC

microsoft -- visual_studio
Visual Studio Code Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-34528.
2021-07-14
not yet calculated
CVE-2021-34529
MISC

microsoft -- visual_studio
Visual Studio Code Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-34529.
2021-07-14
not yet calculated
CVE-2021-34528
MISC

microsoft -- win32k
Win32k Information Disclosure Vulnerability
2021-07-14
not yet calculated
CVE-2021-34491
MISC

microsoft -- win32k
Win32k Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-34516.
2021-07-16
not yet calculated
CVE-2021-34449
MISC

microsoft -- win32k
Win32k Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-34449.
2021-07-14
not yet calculated
CVE-2021-34516
MISC





microsoft -- windows 


Windows Remote Access Connection Manager Information 


Disclosure Vulnerability This CVE ID is unique from CVE-2021- 
33763, CVE-2021-34457. 


2021-07-16 


not yet 
calculated 


CVE-2021-34454 


MISC 








microsoft -- windows 


Windows Remote Access Connection Manager Information 
Disclosure Vulnerability This CVE ID is unique from CVE-2021- 
33763, CVE-2021-34454. 


2021-07-16 


not yet 
calculated 




CVE-2021-34457 
MISC 





microsoft -- windows 


Windows MSHTML Platform Remote Code Execution 


Vulnerability This CVE ID is unique from CVE-2021-34497. 


2021-07-16 


not yet 
calculated 





CVE-2021-34447 


MISC 





microsoft -- windows 


Scripting Engine Memory Corruption Vulnerability 


2021-07-16 


not yet 
calculated 




CVE-2021-34448 


MISC 

















microsoft -- windows
Windows DNS Server Denial of Service Vulnerability This CVE ID is unique from CVE-2021-33745, CVE-2021-34442, CVE-2021-34499.
2021-07-16
not yet calculated
CVE-2021-34444
MISC

microsoft -- windows
Windows GDI Information Disclosure Vulnerability
2021-07-14
not yet calculated
CVE-2021-34496
MISC








microsoft -- windows 


Windows Certificate Spoofing Vulnerability 


2021-07-14 


not yet 
calculated 




CVE-2021-34492 
MISC 





microsoft -- windows 


Windows Kernel Remote Code Execution Vulnerability This 
CVE ID is unique from CVE-2021-34508. 


2021-07-16 


not yet 
calculated 





CVE-2021-34458 


MISC 





microsoft -- windows 


Windows Container Isolation FS Filter Driver Elevation of 
Privilege Vulnerability 


2021-07-16 


not yet 
calculated 




CVE-2021-34461 


MISC 

















microsoft -- windows
Microsoft Windows Media Foundation Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-34439, CVE-2021-34503.
2021-07-16
not yet calculated
MISC

microsoft -- windows
Microsoft Windows Media Foundation Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-34441, CVE-2021-34503.
not yet calculated





microsoft -- windows 


Storage Spaces Controller Elevation of Privilege Vulnerability 


This CVE ID is unique from CVE-2021-33751, CVE-2021- 
34510, CVE-2021-34512, CVE-2021-34513. 


2021-07-16 


not yet 
calculated 




CVE-2021-34460 


MISC 




















microsoft -- windows
GDI+ Information Disclosure Vulnerability
2021-07-16
not yet calculated
CVE-2021-34440
MISC

microsoft -- windows
Windows HTML Platforms Security Feature Bypass Vulnerability
2021-07-16
not yet calculated
CVE-2021-34446
MISC





microsoft -- windows 


Windows File History Service Elevation of Privilege 
Vulnerability 


2021-07-16 


not yet 
calculated 




CVE-2021-34455 


MISC 





microsoft -- windows 











Windows Remote Access Connection Manager Elevation of 


Privilege Vulnerability This CVE ID is unique from CVE-2021- 
33761, CVE-2021-33773, CVE-2021-34445. 








2021-07-16 





not yet 
calculated 











CVE-2021-34456 
MISC 

microsoft -- windows
Windows DNS Server Denial of Service Vulnerability This CVE ID is unique from CVE-2021-33745, CVE-2021-34444, CVE-2021-34499.
2021-07-16
not yet calculated
CVE-2021-34442
MISC

microsoft -- windows
Microsoft Defender Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-34522.
2021-07-16
not yet calculated
CVE-2021-34464
MISC

microsoft -- windows
Windows Print Spooler Elevation of Privilege Vulnerability
not yet calculated
MISC

microsoft -- windows
Windows AppX Deployment Extensions Elevation of Privilege Vulnerability
2021-07-16
not yet calculated
CVE-2021-34462
MISC

microsoft -- windows
Windows TCP/IP Driver Denial of Service Vulnerability This CVE ID is unique from CVE-2021-31183, CVE-2021-33772.
2021-07-14
not yet calculated
CVE-2021-34490
MISC

microsoft -- windows
Windows Console Driver Elevation of Privilege Vulnerability
2021-07-14
not yet calculated
CVE-2021-34488
MISC

microsoft -- windows
Windows Partition Management Driver Elevation of Privilege Vulnerability
2021-07-14
not yet calculated
CVE-2021-34493
MISC

microsoft -- windows
Bowser.sys Denial of Service Vulnerability
2021-07-14
not yet calculated
CVE-2021-34476
MISC

microsoft -- windows
Windows AppContainer Elevation Of Privilege Vulnerability
2021-07-16
not yet calculated
CVE-2021-34459
MISC

microsoft -- windows
Windows Hello Security Feature Bypass Vulnerability
2021-07-16
not yet calculated
CVE-2021-34466
MISC





microsoft -- windows 


Windows Font Driver Host Remote Code Execution 
Vulnerability 


2021-07-16 


not yet 
calculated 




CVE-2021-34438 


MISC 

















microsoft -- windows
Windows Remote Access Connection Manager Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-33761, CVE-2021-33773, CVE-2021-34456.
2021-07-16
not yet calculated
MISC

microsoft -- windows
Windows DNS Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-33746, CVE-2021-33754, CVE-2021-33780, CVE-2021-34525.
2021-07-14
not yet calculated
MISC





microsoft -- windows 


Storage Spaces Controller Elevation of Privilege Vulnerability 


This CVE ID is unique from CVE-2021-33751, CVE-2021- 
34460, CVE-2021-34510, CVE-2021-34513. 


2021-07-14 


not yet 
calculated 




CVE-2021-34512 


MISC 






































microsoft -- windows
Windows GDI Elevation of Privilege Vulnerability
2021-07-14
not yet calculated
CVE-2021-34498
MISC

microsoft -- windows
Windows Hyper-V Remote Code Execution Vulnerability
2021-07-16
not yet calculated
CVE-2021-34450
MISC

microsoft -- windows
Windows MSHTML Platform Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-34447.
2021-07-14
not yet calculated
CVE-2021-34497
MISC

microsoft -- windows
Windows Kernel Memory Information Disclosure Vulnerability
2021-07-14
not yet calculated
CVE-2021-34500
MISC





microsoft -- windows 


Storage Spaces Controller Elevation of Privilege Vulnerability 


This CVE ID is unique from CVE-2021-33751, CVE-2021- 
34460, CVE-2021-34510, CVE-2021-34512. 


2021-07-14 


not yet 
calculated 


CVE-2021-34513 


MISC 








microsoft -- windows 


Windows DNS Server Remote Code Execution Vulnerability 
This CVE ID is unique from CVE-2021-33746, CVE-2021- 
33754, CVE-2021-33780, CVE-2021-34494. 


2021-07-14 


not yet 
calculated 




CVE-2021-34525 
MISC 





microsoft -- windows 


Raw Image Extension Remote Code Execution Vulnerability 


2021-07-14 


not yet 
calculated 





CVE-2021-34521 


MISC 





microsoft -- windows 


Windows DNS Server Denial of Service Vulnerability This CVE 


ID is unique from CVE-2021-33745, CVE-2021-34442, CVE- 
2021-34444. 


2021-07-14 


not yet 
calculated 




CVE-2021-34499 


MISC 




















microsoft -- windows
Windows Address Book Remote Code Execution Vulnerability
2021-07-14
not yet calculated
CVE-2021-34504
MISC

microsoft -- windows
Windows Remote Assistance Information Disclosure Vulnerability
2021-07-14
not yet calculated
CVE-2021-34507
MISC





microsoft -- windows 


Windows Kernel Remote Code Execution Vulnerability This 


CVE ID is unique from CVE-2021-34458. 


2021-07-14 


not yet 
calculated 




CVE-2021-34508 


MISC 





microsoft -- windows 


Storage Spaces Controller Information Disclosure Vulnerability 


2021-07-14 


not yet 
calculated 





CVE-2021-34509 


MISC 





microsoft -- windows 


Storage Spaces Controller Elevation of Privilege Vulnerability 


This CVE ID is unique from CVE-2021-33751, CVE-2021- 
34460, CVE-2021-34512, CVE-2021-34513. 


2021-07-14 


not yet 
calculated 




CVE-2021-34510 


MISC 















































microsoft -- windows
Windows Installer Elevation of Privilege Vulnerability
2021-07-14
not yet calculated
CVE-2021-34511
MISC

microsoft -- windows
Windows Kernel Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-31979, CVE-2021-33771.
2021-07-14
not yet calculated
CVE-2021-34514
MISC
microsoft -- windows


Microsoft Windows Media Foundation Remote Code Execution 
Vulnerability This CVE ID is unique from CVE-2021-34439, 
CVE-2021-34441. 


2021-07-14 


not yet 
calculated 





CVE-2021-34503 
MISC 








microsoft -- windows_ server 


Windows LSA Denial of Service Vulnerability 


2021-07-14 


not yet 
calculated 





CVE-2021-33788 
MISC 








microsoft -- windows_ server 


Windows LSA Security Feature Bypass Vulnerability 


2021-07-14 


not yet 
calculated 





CVE-2021-33786 
MISC 








microsoft -- word 


Microsoft Word Remote Code Execution Vulnerability 


2021-07-16 


not yet 
calculated 





CVE-2021-34452 
MISC 








mikrotik -- routeros


Mikrotik RouterOs through stable version 6.48.3 suffers from a 
memory corruption vulnerability in the /nova/bin/detnet process. 
An authenticated remote attacker can cause a Denial of 
Service (NULL pointer dereference). 


2021-07-14 


not yet 
calculated 


CVE-2020-20231 
MISC 
MISC 








mitsubishi -- 
electric_air_conditioning_system 


Incorrect Implementation of Authentication Algorithm in 
Mitsubishi Electric Air Conditioning System/Centralized 
Controllers (G-50A Ver.2.50 to Ver. 3.35, GB-50A Ver.2.50 to 
Ver. 3.35, AG-150A-A Ver.3.20 and prior, AG-150A-J Ver.3.20 
and prior, GB-50ADA-A Ver.3.20 and prior, GB-50ADA-J
Ver.3.20 and prior, EB-50GU-A Ver 7.09 and prior, EB-50GU-J
Ver 7.09 and prior, AE-200A Ver 7.93 and prior, AE-200E Ver
7.93 and prior, AE-50A Ver 7.93 and prior, AE-50E Ver 7.93
and prior, EW-50A Ver 7.93 and prior, EW-50E Ver 7.93 and
prior, TE-200A Ver 7.93 and prior, TE-50A Ver 7.93 and prior,
TW-50A Ver 7.93 and prior, CMS-RMD-J Ver.1.30 and prior)
and Air Conditioning System/Expansion Controllers (PAC-YG50ECA
Ver.2.20 and prior) allows a remote authenticated
attacker to impersonate administrators to disclose configuration 
information of the air conditioning system and tamper 
information (e.g. operation information and configuration of air 
conditioning system) by exploiting this vulnerability. 


2021-07-13 


not yet 
calculated 


CVE-2021-20593 
MISC 
MISC 








mitsubishi -- 
electric_air_conditioning_system 


Improper Restriction of XML External Entity Reference 
vulnerability in Mitsubishi Electric Air Conditioning 
System/Centralized Controllers (G-50A Ver.3.35 and prior, GB- 
50A Ver.3.35 and prior, GB-24A Ver.9.11 and prior, AG-150A-A 
Ver.3.20 and prior, AG-150A-J Ver.3.20 and prior, GB-50ADA-A
Ver.3.20 and prior, GB-50ADA-J Ver.3.20 and prior, EB-50GU-A 
Ver 7.09 and prior, EB-50GU-J Ver 7.09 and prior, AE-200A Ver 
7.93 and prior, AE-200E Ver 7.93 and prior, AE-50A Ver 7.93 
and prior, AE-50E Ver 7.93 and prior, EW-50A Ver 7.93 and 
prior, EW-50E Ver 7.93 and prior, TE-200A Ver 7.93 and prior, 
TE-50A Ver 7.93 and prior, TW-50A Ver 7.93 and prior, CMS- 
RMD-J Ver.1.30 and prior), Air Conditioning System/Expansion 
Controllers (PAC-YG50ECA Ver.2.20 and prior) and Air 
Conditioning System/BM adapter(BAC-HD150 Ver.2.21 and 
prior) allows a remote unauthenticated attacker to disclose 
some of data in the air conditioning system or cause a DoS 
condition by sending specially crafted packets. 


2021-07-13 


not yet 
calculated 


CVE-2021-20595 
MISC 
MISC 








nightscout -- web_monitor 


Nightscout Web Monitor (aka cgm-remote-monitor) 14.2.2 
allows XSS via a crafted X-Forwarded-For header. 


2021-07-16 


not yet 
calculated 


CVE-2021-36755 
MISC 








ok-file-formats -- ok-file-formats 


A heap-based buffer overflow vulnerability in the function
ok_jpg_decode_block_progressive() at ok_jpg.c:1054 of ok-file- 
formats through 2020-06-26 allows attackers to cause a Denial 
of Service (DOS) via a crafted jpeg file. 





2021-07-15 


not yet 
calculated 


CVE-2020-23707 
MISC 








ok-file-formats -- ok-file-formats 


A heap-based buffer overflow vulnerability in the function
ok_jpg_decode_block_subsequent_scan() ok_jpg.c:1102 of ok- 
file-formats through 2020-06-26 allows attackers to cause a 
Denial of Service (DOS) via a crafted jpeg file. 





2021-07-15 


not yet 
calculated 


CVE-2020-23706 
MISC 











palo_alto_networks -- cortex_xdr 





A local privilege escalation (PE) vulnerability exists in the Palo 
Alto Networks Cortex XDR agent on Windows platforms that 
enables an authenticated local Windows user to execute 
programs with SYSTEM privileges. Exploiting this vulnerability 
requires the user to have file creation privilege in the Windows 
root directory (such as C:\). This issue impacts: All versions of 
Cortex XDR agent 6.1 without content update 181 or a later 
version; All versions of Cortex XDR agent 7.2 without content 
update 181 or a later version; All versions of Cortex XDR agent 
7.3 without content update 181 or a later version. Cortex XDR 
agent 5.0 versions are not impacted by this issue. Content 
updates are required to resolve this issue and are automatically
applied for the agent.





2021-07-15 





not yet 
calculated 





CVE-2021-3042 
MISC 

polipo -- polipo
** UNSUPPORTED WHEN ASSIGNED ** Polipo through 1.1.1 allows denial of service via a reachable assertion during parsing of a malformed Range header. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
2021-07-15
not yet calculated
MISC

prisma -- cloud_compute
A reflected cross-site scripting (XSS) vulnerability exists in the Prisma Cloud Compute web console that enables a remote attacker to execute arbitrary JavaScript code in the browser-based web console while an authenticated administrator is using that web interface. Prisma Cloud Compute SaaS versions were automatically upgraded to the fixed release. No additional action is required for these instances. This issue impacts: Prisma Cloud Compute 20.12 versions earlier than Prisma Cloud Compute 20.12.552; Prisma Cloud Compute 21.04 versions earlier than Prisma Cloud Compute 21.04.439.
2021-07-15
not yet calculated
CVE-2021-3043
MISC

radarorg -- radare2-extras
A heap buffer overflow vulnerability in the r_asm_swf_disass function of Radare2-extras before commit e74a93c allows attackers to execute arbitrary code or carry out denial of service (DOS) attacks.
2021-07-14
not yet calculated
CVE-2020-24133
MISC
MISC
MISC

rancher -- rancher
An Improper Access Control vulnerability in Rancher allows users in the cluster to make requests to cloud providers by creating requests with the cloud-credential ID. Rancher in this case would attach the requested credentials without further checks. This issue affects: Rancher versions prior to 2.5.9; Rancher versions prior to 2.4.16.
2021-07-15
not yet calculated
CVE-2021-25320
CONFIRM

rancher -- rancher
An Incorrect Permission Assignment for Critical Resource vulnerability in Rancher allows users in the cluster to modify resources they should not have access to. This issue affects: Rancher versions prior to 2.5.9; Rancher versions prior to 2.4.16.
2021-07-15
not yet calculated
CONFIRM

rancher -- rancher
A Reliance on Untrusted Inputs in a Security Decision vulnerability in Rancher allows users in the cluster to act as other users in the cluster by forging the "Impersonate-User" or "Impersonate-Group" headers. This issue affects: Rancher versions prior to 2.5.9; Rancher versions prior to 2.4.16.
2021-07-15
not yet calculated

An issue in RAONWIZ K Editor v2018.0.0.10 allows attackers to perform a DLL hijacking attack when the service or system is restarted.
2021-07-14
not yet calculated
CVE-2020-29157
MISC

ruby -- ruby
An issue was discovered in Ruby through 2.6.7, 2.7.x through 2.7.3, and 3.x through 3.0.1. A malicious FTP server can use the PASV response to trick Net::FTP into connecting back to a given IP address and port. This potentially makes curl extract information about services that are otherwise private and not disclosed (e.g., the attacker can conduct port scans and service banner extractions).
2021-07-13
not yet calculated
CVE-2021-31810
MISC
MISC

rust -- sgx
In Rust SGX 1.1.3, a side-channel vulnerability in base64 PEM file decoding allows system-level (administrator) attackers to obtain information about secret RSA keys via a controlled-channel and side-channel attack on software running in isolated environments that can be single stepped, especially Intel SGX.
2021-07-14
not yet calculated
CVE-2021-24117
MISC
MISC
MISC

rwg1.m12 -- rwg1.m12
A vulnerability has been identified in RWG1.M12 (All versions < V1.16.16), RWG1.M12D (All versions < V1.16.16), RWG1.M8 (All versions < V1.16.16). Sending specially crafted ARP packets to an affected device could cause a partial denial-of-service, preventing the device from operating normally. A restart is needed to restore normal operations.
2021-07-13
not yet calculated
CVE-2021-25671
CONFIRM

sap -- netweaver
SAP NetWeaver AS ABAP and ABAP Platform, versions - KRNL32NUC 7.21, 7.21EXT, 7.22, 7.22EXT, KRNL32UC 7.21, 7.21EXT, 7.22, 7.22EXT, KRNL64NUC 7.21, 7.21EXT, 7.22, 7.22EXT, 7.49, KRNL64UC 8.04, 7.21, 7.21EXT, 7.22, 7.22EXT, 7.49, 7.53, KERNEL 8.04, 7.21, 7.21EXT, 7.22, 7.22EXT, 7.49, 7.53, 7.77, 7.81, 7.84, allows an attacker to send overlong content in the RFC request type thereby crashing the corresponding work process because of a memory corruption vulnerability. The work process will attempt to restart itself after the crash and hence the impact on the availability is low.
2021-07-14
not yet calculated
CVE-2021-33684
MISC
MISC
SAP Web Dispatcher and Internet Communication Manager 
(ICM), versions - KRNL32NUC 7.21, 7.21EXT, 7.22, 7.22EXT, 
KRNL32UC 7.21, 7.21EXT, 7.22, 7.22EXT, KRNL64NUC 7.21, 
7.21EXT, 7.22, 7.22EXT, 7.49, KRNL64UC 7.21, 7.21EXT, 
7.22, 7.22EXT, 7.49, 7.53, 7.73, WEBDISP 7.53, 7.73, 7.77, 
PP  spatcher and internet confZiSticeben SS, SERNEL 7.21, 7.22, 7.49, 7.53, 7.73,7.77, | ooo4.o7-14 || not yet a 
wep dlspatenel_aliduintemet cong CAN TN ee cess invalid HTTP header. The incorrect ie calculated MISC 
handling of the invalid Transfer-Encoding header in a particular feces 
manner leads to a possibility of HTTP Request Smuggling 
attack. An attacker could exploit this vulnerability to bypass 
web application firewall protection, divert sensitive data such as 
customer requests, session credentials, etc. 
sharkdp -- bat
sharkdp BAT before 0.18.2 executes less.exe from the current
working directory.
Published: 2021-07-15 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2021-36753, MISC, MISC
siemens -- multiple_products
A vulnerability has been identified in Development/Evaluation 
Kits for PROFINET IO: DK Standard Ethernet Controller (All 
versions), Development/Evaluation Kits for PROFINET IO: EK- 
ERTEC 200 (All versions), Development/Evaluation Kits for 
PROFINET IO: EK-ERTEC 200P (All versions), RUGGEDCOM 
RM1224 (All Versions < 6.4), SCALANCE M-800 (All Versions 
< 6.4), SCALANCE S615 (All Versions < 6.4), SCALANCE 
W1700 IEEE 802.11ac (All versions), SCALANCE W700 IEEE 
802.11n (All versions), SCALANCE X200-4 P IRT (All Versions 
< V5.5.0), SCALANCE X201-3P IRT (All Versions < V5.5.0), 
SCALANCE X201-3P IRT PRO (All Versions < V5.5.0), 
SCALANCE X202-2 IRT (All Versions < V5.5.0), SCALANCE 
X202-2P IRT (incl. SIPLUS NET variant) (All Versions < 
5.5.0), SCALANCE X202-2P IRT PRO (All Versions < 
5.5.0), SCALANCE X204 IRT (All Versions < V5.5.0), 
SCALANCE X204 IRT PRO (All Versions < V5.5.0), 
SCALANCE X204-2 (incl. SIPLUS NET variant) (All versions), 
SCALANCE X204-2FM (All versions), SCALANCE X204-2LD 
(incl. SIPLUS NET variant) (All versions), SCALANCE X204- 
2LD TS (All versions), SCALANCE X204-2TS (All versions), 
SCALANCE X206-1 (All versions), SCALANCE X206-1LD (incl. 
SIPLUS NET variant) (All versions), SCALANCE X208 (incl. 
SIPLUS NET variant) (All versions), SCALANCE X208PRO (All 
versions), SCALANCE X212-2 (All versions), SCALANCE 
X212-2LD (All versions), SCALANCE X216 (All versions), 
SCALANCE X224 (All versions), SCALANCE X302-7EEC (All 
versions), SCALANCE X304-2FE (All versions), SCALANCE 
X306-1LDFE (All versions), SCALANCE X307-2EEC (All 
versions), SCALANCE X307-3 (All versions), SCALANCE 
X307-3LD (All versions), SCALANCE X308-2 (incl. SIPLUS 
NET variant) (All versions), SCALANCE X308-2LD (All 
versions), SCALANCE X308-2LH (All versions), SCALANCE 
X308-2LH+ (All versions), SCALANCE X308-2M (All versions), 
SCALANCE X308-2M POE (All versions), SCALANCE X308- 
2M TS (All versions), SCALANCE X310 (All versions), 
SCALANCE X310FE (All versions), SCALANCE X320-1FE (All 
versions), SCALANCE X320-3LDFE (All versions), SCALANCE 
XB-200 (All versions), SCALANCE XC-200 (All versions), 
SCALANCE XF-200BA (All versions), SCALANCE XF201-3P 
IRT (All Versions < V5.5.0), SCALANCE XF202-2P IRT (All 
Versions < V5.5.0), SCALANCE XF204 (All versions), 
SCALANCE XF204 IRT (All Versions < V5.5.0), SCALANCE 
XF204-2 (incl. SIPLUS NET variant) (All versions), SCALANCE 
XF204-2BA IRT (All Versions < V5.5.0), SCALANCE XF206-1 
(All versions), SCALANCE XF208 (All versions), SCALANCE 
XM400 (All versions < V6.3.1), SCALANCE XP-200 (All 
versions), SCALANCE XR-300WG (All versions), SCALANCE 
XR324-12M (All versions), SCALANCE XR324-12M TS (All 
versions), SCALANCE XR324-4M EEC (All versions), 
SCALANCE XR324-4M POE (All versions), SCALANCE 
XR324-4M POE TS (All versions), SCALANCE XR500 (All 
versions < V6.3.1), SIMATIC CFU PA (All versions), SIMATIC 
IE/PB-LINK V3 (All versions), SIMATIC MV500 family (All 
versions < V3.0), SIMATIC NET CM 1542-1 (All versions), 
SIMATIC NET CP1616/CP1604 (All Versions >= V2.7), 
SIMATIC NET CP1626 (All versions), SIMATIC NET DK-16xx 
PN IO (All Versions >= V2.7), SIMATIC PROFINET Driver (All 
versions), SIMATIC Power Line Booster PLB, Base Module 
(MLFB: 6ES7972-5AA10-0AB0) (All versions), SIMATIC S7- 
1200 CPU family (incl. SIPLUS variants) (All Versions < V4.5), 
SIMOCODE proV Ethernet/IP (All versions < V1.1.3), 
SIMOCODE proV PROFINET (All versions < V2.1.3), 
SOFTNET-IE PNIO (All versions). Affected devices contain a 
vulnerability that allows an unauthenticated attacker to trigger a 
denial-of-service condition. The vulnerability can be triggered if
a large amount of DCP reset packets are sent to the device.
Published: 2021-07-13 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2020-28400, CONFIRM
siemens -- sinumerik
A vulnerability has been identified in SINUMERIK Analyse 
MyCondition (All versions), SINUMERIK Analyze 
MyPerformance (All versions), SINUMERIK Analyze 
MyPerformance /OEE-Monitor (All versions), SINUMERIK 
Analyze MyPerformance /OEE-Tuning (All versions), 
SINUMERIK Integrate Client 02 (All versions >= V02.00.12 < 
02.00.18), SINUMERIK Integrate Client 03 (All versions >= 
03.00.12 < 03.00.18), SINUMERIK Integrate Client 04 
(V04.00.02 and all versions >= V04.00.15 < 04.00.18), 
SINUMERIK Integrate for Production 4.1 (All versions < V4.1 
SP10 HF3), SINUMERIK Integrate for Production 5.1 (V5.1), 
SINUMERIK Manage MyMachines (All versions), SINUMERIK 
Manage MyMachines /Remote (All versions), SINUMERIK 
Manage MyMachines /Spindel Monitor (All versions), 
SINUMERIK Manage MyPrograms (All versions), SINUMERIK 
Manage MyResources /Programs (All versions), SINUMERIK 
Manage MyResources /Tools (All versions), SINUMERIK 
Manage MyTools (All versions), SINUMERIK Operate V4.8 (All 
versions < V4.8 SP8), SINUMERIK Operate V4.93 (All versions 
< V4.93 HF7), SINUMERIK Operate V4.94 (All versions < 
4.94 HF5), SINUMERIK Optimize MyProgramming /NX-Cam 
Editor (All versions). Due to an error in a third-party 
dependency the ssl flags used for setting up a TLS connection 
to a server are overwritten with wrong settings. This results in a
missing validation of the server certificate and thus in a
possible TLS MITM scenario.
Published: 2021-07-13 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2021-31892, CONFIRM
siemens -- simatic_pcs
A vulnerability has been identified in SIMATIC PCS 7 V8.2 and 
earlier (All versions), SIMATIC PCS 7 V9.X (All versions), 
SIMATIC PDM (All versions), SIMATIC STEP 7 V5.X (All 
versions < V5.7), SINAMICS STARTER (containing STEP 7 
OEM version) (All versions). A directory containing metafiles 
relevant to devices' configurations has write permissions. An 
attacker could leverage this vulnerability by changing the 
content of certain metafiles and subsequently manipulate 
parameters or behavior of devices that would be later 
configured by the affected software.
Published: 2021-07-13 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2021-31894, CONFIRM
siemens -- simatic_pcs
A vulnerability has been identified in SIMATIC PCS 7 V8.2 and 
earlier (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 
SP3), SIMATIC PDM (All versions < V9.2), SIMATIC STEP 7 
V5.X (All versions < V5.6 SP2 HF3), SINAMICS STARTER 
(containing STEP 7 OEM version) (All versions < V5.4 HF2). 
The affected software contains a buffer overflow vulnerability 
while handling certain files that could allow a local attacker to 
trigger a denial-of-service condition or potentially lead to
remote code execution.
Published: 2021-07-13 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2021-31893, CONFIRM
siemens -- multiple_ruggedcomros_products
A vulnerability has been identified in RUGGEDCOM ROS 
M2100 (All versions < V4.3.7), RUGGEDCOM ROS M2200 (All 
versions < V4.3.7), RUGGEDCOM ROS M969 (All versions < 
v4.3.7), RUGGEDCOM ROS RMC (All versions < V4.3.7), 
RUGGEDCOM ROS RMC20 (All versions < V4.3.7), 
RUGGEDCOM ROS RMC30 (All versions < V4.3.7), 
RUGGEDCOM ROS RMC40 (All versions < V4.3.7), 
RUGGEDCOM ROS RMC41 (All versions < V4.3.7), 
RUGGEDCOM ROS RMC8388 V4.X (All versions < V4.3.7), 
RUGGEDCOM ROS RMC8388 V5.X (All versions < V5.5.4), 
RUGGEDCOM ROS RP110 (All versions < V4.3.7), 
RUGGEDCOM ROS RS400 (All versions < V4.3.7), 
RUGGEDCOM ROS RS401 (All versions < V4.3.7), 
RUGGEDCOM ROS RS416 (All versions < V4.3.7), 
RUGGEDCOM ROS RS416v2 V4.X (All versions < V4.3.7), 
RUGGEDCOM ROS RS416v2 V5.X (All versions < 5.5.4), 
RUGGEDCOM ROS RS8000 (All versions < V4.3.7), 
RUGGEDCOM ROS RS8000A (All versions < V4.3.7), 
RUGGEDCOM ROS RS8000H (All versions < V4.3.7), 
RUGGEDCOM ROS RS8000T (All versions < V4.3.7), 
RUGGEDCOM ROS RS900 (32M) V4.X (All versions < 
v4.3.7), RUGGEDCOM ROS RS900 (32M) V5.X (All versions 
< V5.5.4), RUGGEDCOM ROS RS900G (All versions < 
v4.3.7), RUGGEDCOM ROS RS900G (32M) V4.X (All versions 
< V4.3.7), RUGGEDCOM ROS RS900G (32M) V5.X (All 
versions < V5.5.4), RUGGEDCOM ROS RS900GP (All 
versions < V4.3.7), RUGGEDCOM ROS RS900L (All versions
< V4.3.7), RUGGEDCOM ROS RS900W (All versions < 
v4.3.7), RUGGEDCOM ROS RS910 (All versions < V4.3.7), 
RUGGEDCOM ROS RS910L (All versions < V4.3.7), 
RUGGEDCOM ROS RS910W (All versions < V4.3.7), 
RUGGEDCOM ROS RS920L (All versions < V4.3.7), 
RUGGEDCOM ROS RS920W (All versions < V4.3.7), 
RUGGEDCOM ROS RS930L (All versions < V4.3.7), 
RUGGEDCOM ROS RS930W (All versions < V4.3.7), 
RUGGEDCOM ROS RS940G (All versions < V4.3.7), 
RUGGEDCOM ROS RS969 (All versions < V4.3.7), 
RUGGEDCOM ROS RSG2100 (32M) V4.X (All versions < 
v4.3.7), RUGGEDCOM ROS RSG2100 (32M) V5.X (All 
versions < V5.5.4), RUGGEDCOM ROS RSG2100 V4.X (All 
versions < V4.3.7), RUGGEDCOM ROS RSG2100P (All 
versions < V4.3.7), RUGGEDCOM ROS RSG2100P (32M) 
V4.X (All versions < V4.3.7), RUGGEDCOM ROS RSG2100P
(32M) V5.X (All versions < V5.5.4), RUGGEDCOM ROS 
RSG2200 (All versions < V4.3.7), RUGGEDCOM ROS 
RSG2288 V4.X (All versions < V4.3.7), RUGGEDCOM ROS 
RSG2288 V5.X (All versions < V5.5.4), RUGGEDCOM ROS 
RSG2300 V4.X (All versions < V4.3.7), RUGGEDCOM ROS 
RSG2300 V5.X (All versions < V5.5.4), RUGGEDCOM ROS 
RSG2300P V4.X (All versions < V4.3.7), RUGGEDCOM ROS 
RSG2300P V5.X (All versions < V5.5.4), RUGGEDCOM ROS 
RSG2488 V4.X (All versions < V4.3.7), RUGGEDCOM ROS 
RSG2488 V5.X (All versions < V5.5.4), RUGGEDCOM ROS 
RSG900 V4.X (All versions < V4.3.7), RUGGEDCOM ROS 
RSG900 V5.X (All versions < V5.5.4), RUGGEDCOM ROS 
RSG900C (All versions < V5.5.4), RUGGEDCOM ROS 
RSG900G V4.X (All versions < V4.3.7), RUGGEDCOM ROS 
RSG900G V5.X (All versions < V5.5.4), RUGGEDCOM ROS 
RSG900R (All versions < V5.5.4), RUGGEDCOM ROS
RSG920P V4.X (All versions < V4.3.7), RUGGEDCOM ROS 
RSG920P V5.X (All versions < V5.5.4), RUGGEDCOM ROS 
RSL910 (All versions < V5.5.4), RUGGEDCOM ROS RST2228 
(All versions < V5.5.4), RUGGEDCOM ROS RST916C (All 
versions < V5.5.4), RUGGEDCOM ROS RST916P (All 
versions < V5.5.4), RUGGEDCOM ROS i800 (All versions < 
v4.3.7), RUGGEDCOM ROS i801 (All versions < V4.3.7), 
RUGGEDCOM ROS i802 (All versions < V4.3.7), 
RUGGEDCOM ROS i803 (All versions < V4.3.7). The DHCP 
client in affected devices fails to properly sanitize incoming 
DHCP packets. This could allow an unauthenticated remote 
attacker to cause memory to be overwritten, potentially allowing 
remote code execution.
Published: 2021-07-13 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2021-31895, CONFIRM
solarwinds -- serv-u
Microsoft discovered a remote code execution (RCE)
vulnerability in the SolarWinds Serv-U product utilizing a
Remote Memory Escape Vulnerability. If exploited, a threat
actor may be able to gain privileged access to the machine
hosting Serv-U Only. SolarWinds Serv-U Managed File
Transfer and Serv-U Secure FTP for Windows before 15.2.3
HF2 are affected by this vulnerability.
Published: 2021-07-14 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2021-35211, MISC, MISC
teamcenter -- active_workspace
A vulnerability has been identified in Teamcenter Active
Workspace V4 (All versions < V4.3.9), Teamcenter Active
Workspace V5.0 (All versions < V5.0.7), Teamcenter Active
Workspace V5.1 (All versions < V5.1.4). By sending malformed
requests, a remote attacker could leak an application token due
to an error not properly handled by the system.
Published: 2021-07-13 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2021-33709, CONFIRM
teamcenter -- active_workspace
A vulnerability has been identified in Teamcenter Active
Workspace V4 (All versions < V4.3.9), Teamcenter Active
Workspace V5.0 (All versions < V5.0.7), Teamcenter Active
Workspace V5.1 (All versions < V5.1.4). A reflected cross-site
scripting (XSS) vulnerability exists in the web interface of the
affected devices that could allow an attacker to execute
malicious JavaScript code by tricking users into accessing a
malicious link.
Published: 2021-07-13 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2021-33710, CONFIRM
teamcenter -- active_workspace
A vulnerability has been identified in Teamcenter Active
Workspace V4 (All versions < V4.3.9), Teamcenter Active
Workspace V5.0 (All versions < V5.0.7), Teamcenter Active
Workspace V5.1 (All versions < V5.1.4). The affected
application allows verbose error messages which allow leaking
of sensitive information, such as full paths.
Published: 2021-07-13 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2021-33711, CONFIRM
telegram -- telegram
A reordering issue exists in Telegram before 7.8.1 for Android,
Telegram before 7.8.3 for iOS, and Telegram Desktop before
2.8.8. An attacker can cause the server to receive messages in
a different order than they were sent by a client.
Published: 2021-07-17 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2021-36769, MISC
thinkcmf -- thinkcmf
Cross Site Request Forgery (CSRF) vulnerability in ThinkCMF
v5.1.0, which can add an admin account.
Published: 2021-07-14 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2020-18151, MISC
trusted_firmware_mbed -- tls
In Trusted Firmware Mbed TLS 2.24.0, a side-channel
vulnerability in base64 PEM file decoding allows system-level
(administrator) attackers to obtain information about secret
RSA keys via a controlled-channel and side-channel attack on
software running in isolated environments that can be single
stepped, especially Intel SGX.
Published: 2021-07-14 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2021-24119, MISC, MISC
unisys -- stealth
Unisys Stealth 5.1 before 5.1.025.0 and 6.0 before 6.0.055.0
has an unquoted Windows search path for a scheduled task.
An unintended executable might run.
Published: 2021-07-15 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2021-35056, MISC, CONFIRM
uri.js -- urijs
URI.js is vulnerable to URL Redirection to Untrusted Site
Published: 2021-07-16 | CVSS Score: not yet calculated | Source & Patch Info: MISC, CONFIRM
varnish -- cache
Varnish Cache, with HTTP/2 enabled, allows request
smuggling and VCL authorization bypass via a large
Content-Length header for a POST request. This affects Varnish
Enterprise 6.0.x before 6.0.8r3, and Varnish Cache 5.x and 6.x
before 6.5.2, 6.6.x before 6.6.1, and 6.0 LTS before 6.0.8.
Published: 2021-07-14 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2021-36740, MISC, MISC, MISC, MISC
wolfssl -- wolfssl
In wolfSSL through 4.6.0, a side-channel vulnerability in
base64 PEM file decoding allows system-level (administrator)
attackers to obtain information about secret RSA keys via a
controlled-channel and side-channel attack on software running
in isolated environments that can be single stepped, especially
Intel SGX.
Published: 2021-07-14 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2021-24116, MISC, CONFIRM
wuwire -- wuwire
MuWire is a file publishing and networking tool that protects the
identity of its users by using I2P technology. Users of MuWire
desktop client prior to version 0.8.8 can be de-anonymized by
an attacker who knows their full ID. An attacker could send a
message with a subject line containing a URL with an HTML
image tag and the MuWire client would try to fetch that image
via clearnet, thus exposing the IP address of the user. The
problem is fixed in MuWire 0.8.8. As a workaround, users can
disable messaging functionality to prevent other users from
sending them malicious messages.
Published: 2021-07-15 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2021-32750, CONFIRM
ysoft -- safeq
Incorrect privileges in the MU55 FlexiSpooler service in YSoft
SafeQ 6 6.0.55 allows local user privilege escalation by
overwriting the executable file via an alternative data stream.
Published: 2021-07-14 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2021-31859, MISC, MISC
zoho_manageengine -- admanager_plus
Zoho ManageEngine ADManager Plus before 7110 allows
remote code execution.
Published: 2021-07-17 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2021-33911, MISC
zoho_manageengine -- admanager_plus
Zoho ManageEngine ADManager Plus before 7110 allows
reflected XSS.
Published: 2021-07-17 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2021-36771, MISC
zoho_manageengine -- admanager_plus
Zoho ManageEngine ADManager Plus before 7110 allows
stored XSS.
Published: 2021-07-17 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2021-36772, MISC
zscaler -- client_connector
The Zscaler Client Connector for Windows prior to 2.1.2.74 had
a stack based buffer overflow when connecting to
misconfigured TLS servers. An adversary would potentially
have been able to execute arbitrary code with system
privileges.
Published: 2021-07-15 | CVSS Score: not yet calculated
zscaler -- client_connector
The Zscaler Client Connector prior to 2.1.2.150 did not quote
the search path for services, which allows a local adversary to
execute code with system privileges.
Published: 2021-07-15 | CVSS Score: not yet calculated
zscaler -- client_connector
The Zscaler Client Connector for Windows prior to 2.1.2.105
had a DLL hijacking vulnerability caused due to the
configuration of OpenSSL. A local adversary may be able to
execute arbitrary code in the SYSTEM context.
Published: 2021-07-15 | CVSS Score: not yet calculated | Source & Patch Info: CVE-2020-11634, MISC